gofer.pam

1 # 2 # Copyright (c) 2011 Red Hat, Inc. 3 # 4 # This software is licensed to you under the GNU Lesser General Public 5 # License as published by the Free Software Foundation; either version 6 # 2 of the License (LGPLv2) or (at your option) any later version. 7 # There is NO WARRANTY for this software, express or implied, 8 # including the implied warranties of MERCHANTABILITY, 9 # NON-INFRINGEMENT, or FITNESS FOR A PARTICULAR PURPOSE. You should 10 # have received a copy of LGPLv2 along with this software; if not, see 11 # http://www.gnu.org/licenses/old-licenses/lgpl-2.0.txt. 12 # 13 # Jeff Ortel <jortel@redhat.com> 14 # 15 # Requires: PyPAM 16 """ 17 PAM authentication classes. 18 """ 19 20 import PAM as _PAM 21 from logging import getLogger 22 23 log = getLogger(__name__) 24 25

26 -class Query:

27

28 - def __init__(self, user, password):

29 self.user = user 30 self.password = password

31

32 - def __call__(self, auth, query_list):

33 resp = [] 34 for query, type in query_list: 35 # prompt for a user 36 if type == _PAM.PAM_PROMPT_ECHO_ON: 37 resp.append((self.user, 0)) 38 continue 39 # prompt for a password 40 if type == _PAM.PAM_PROMPT_ECHO_OFF: 41 resp.append((self.password, 0)) 42 continue 43 return resp

44 45

46 -class PAM:

47 """ 48 PAM object used for authentication. 49 @cvar SERVICE: The default service 50 @type SERVICE: str 51 """ 52 53 SERVICE = 'passwd' 54

55 - def authenticate(self, user, password, service=None):

56 """ 57 Authenticate the specified user. 58 @param user: A user name. 59 @type user: str 60 @param password: A password. 61 @type password: str 62 @param service: The optional PAM service. 63 @type service: str 64 @raise Exception: when authentication fails. 65 """ 66 if not service: 67 service = self.SERVICE 68 q = Query(user, password) 69 auth = _PAM.pam() 70 auth.start(service, user, q) 71 auth.authenticate() 72 auth.acct_mgmt()

73

Source Code for Module gofer.pam