Re: Authen::PAM Help

Your app has to run as root to do what you want. PAM is just a library, and can't promote your priviledges on its own. What I would suggest is sudo. You can configure it to run without asking for the user's password, and you can configure a list of apps that are OK to run as root. See your man pages for details.

mhoward - at - hattmoward.org

Comment on Re: Authen::PAM Help

Replies are listed 'Best First'.
Re^2: Authen::PAM Help by groundstate (Initiate) on Jul 17, 2004 at 00:53 UTC
Okay, fine... but I will still need my app to execute some binaries as the original user. Maybe PAM isn't the way to do it. Is there not a way I can run app A (as user or root, I don't care, but must be written in perl), and have app A execute various binaries both as the original user and some others with root privileges?	[reply]
Re^3: Authen::PAM Help by meredith (Friar) on Jul 17, 2004 at 01:48 UTC
Umm, yeah.... user: `system "/usr/bin/foo";` root: `system "sudo /usr/bin/foo";` You could run the app as root, and use sudo -u or fork, then drop privs, but that's just a bad idea. `mhoward - at - hattmoward.org`	[reply]
Re^3: Authen::PAM Help by jdalbec (Deacon) on Jul 17, 2004 at 01:45 UTC
`sudo -u <username> <command>` Update: Sorry, I guess I misread "some others" as referring to other users instead of other programs. Anyway, you can use sudo to run programs as any user (if you have rights to do so) not just as root.	[reply] [d/l]