Hi,
I want a basic script executed via pam_exec.so. Let's say it should be executed if somebody logs in via OpenSSH.
So I added the following line to /etc/pam.d/sshd:
session optional pam_exec.so /path/to/script.sh
The script only contains "#!/bin/bash" and "echo 'works'". The script is set to chmod 777 (for testing), and I can execute it as any user on the system (including root) by entering "/path/to/script.sh".
However, pam_exec.so doesn't execute it. I already added "debug" and "log=/var/log/pam_exec.log", but debug outputs nothing, and the log file only contains a timestamp each time I log in.
I even added:
session required pam_exec.so /usr/bin/whoami
but nothing happens either.
What am I missing here? pam_exec.so is on the system, permissions are set, and I can manually execute the script …
Edit:
I also added the same lines to other pam.d files like system-login; however, this didn't change anything.
Last edited by pancibule (2019-09-18 17:30:39)
session required pam_exec.so stdout /usr/bin/whoami
This is for terminal output; replace stdout with 'log=/tmp/pam_sshd.log' for file output instead.
Do not give anyone but root write permission to the file, because pam_exec runs as root and therefore anyone could run anything! Better drop down to a less privileged user as soon as possible.
Additionally, make sure 'UsePam yes' is set in the sshd_config file.
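The two checks from the reply above (the pam_exec target must be writable by root only, and UsePAM must be enabled in sshd_config), as an added example that is not part of the original thread. The function names, the EXPECTED_UID variable and the script name are assumptions of this example.

```bash
#!/bin/bash
# Added example, not from the thread. Usage (script name is hypothetical):
#   ./audit-pam-exec.sh /etc/pam.d/sshd /etc/ssh/sshd_config
# EXPECTED_UID is an assumption of this example: pam_exec runs the command
# as root, so the target should be owned by uid 0. Override only for testing.
EXPECTED_UID=${EXPECTED_UID:-0}

# Print the command of every active pam_exec.so line in a PAM file: the
# first absolute path after the module name. Module options (debug,
# stdout, log=FILE, ...) never start with "/".
pam_exec_cmds() {
    awk '$1 !~ /^#/ {
        seen = 0
        for (i = 1; i <= NF; i++) {
            if (seen && $i ~ /^\//) { print $i; break }
            if ($i ~ /pam_exec\.so$/) seen = 1
        }
    }' "$1"
}

# Succeed only if the file is owned by EXPECTED_UID and is not writable
# by group or others (uses GNU/BusyBox "stat -c").
target_is_safe() {
    [ -f "$1" ] || return 1
    uid=$(stat -c %u "$1")
    mode=$(stat -c %a "$1")
    [ "$uid" = "$EXPECTED_UID" ] && [ $(( 0$mode & 022 )) -eq 0 ]
}

# Succeed if the file has an active "UsePAM yes" line (keyword is
# case-insensitive; included files and Match blocks are not followed).
usepam_enabled() {
    grep -Eiq '^[[:space:]]*UsePAM[[:space:]=]+yes[[:space:]]*$' "$1"
}

# Report every pam_exec target; non-zero status if anything was flagged.
audit_pam_exec() {
    rc=0
    usepam_enabled "$2" || { echo "WARN UsePAM is not enabled in $2"; rc=1; }
    for cmd in $(pam_exec_cmds "$1"); do
        if target_is_safe "$cmd"; then echo "OK $cmd"
        else echo "UNSAFE $cmd"; rc=1; fi
    done
    return $rc
}

if [ $# -eq 2 ]; then audit_pam_exec "$1" "$2"; fi
```

A script left at mode 777, as in the test setup described in the question, is reported as UNSAFE.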