https://bugzilla.suse.com/show_bug.cgi?id=1173387 https://bugzilla.suse.com/show_bug.cgi?id=1173387#c4 --- Comment #4 from Matthias Gerstner <matthias.gerstner@suse.com> --- Since this is implemented in Rust and since I am new to Rust it takes a bit for me to unwrap the program logic. So for the PAM module a larger part is the wrapping of the C level PAM API. Apart from that only two PAM hooks actually do something meaningful: the pam_sm_authenticate() and the pam_acct_mgmt() for the passwd/account PAM types respectively. These hooks basically asks the kanidm daemon whether account and/or password are okay. The daemon is contacted via a UNIX domain socket. The nsswitch library is even simpler and also simply forwards requests to the kanidm daemon. Therefore I need to look close into the communication with the daemon and the daemon source code. I couldn't find much documentation about actually setting up the daemon and its config file, however. Can you help me out a bit here? -- You are receiving this mail because: You are on the CC list for the bug.