我遇到了一个使用 pam_exec 调用的无效简单 python 脚本的问题。
我在该文件末尾添加了一行/etc/pam.d/common-session:
会话可选 pam_exec.so /bin/python /usr/local/bin/pam_notify_python.py
脚本pam_notify_python.py包含一个简单的print "Hello world"
显然,这不起作用,但我不明白为什么。当我su user或简单地执行时,脚本不会打印任何内容su,但当我启动新的 shell 并手动执行时,python /usr/local/bin/pam_notify_python.py它可以正常工作。
我是否遗漏了什么?谢谢阅读!
答案1
手册pam_exec(8)页告诉了我们原因:
stdout
Per default the output of the executed command is written to
/dev/null. With this option, the stdout output of the executed
command is redirected to the calling application. It's in the
responsibility of this application what happens with the output.
The log option is ignored.
因此您需要添加stdout以下行:
session optional pam_exec.so stdout /bin/python /usr/local/bin/pam_notify_python.py