Python backend binding to PAM, NSS or pppd

[Heiko Wundram]

Hey all!

Before I start hacking away, I'm looking for a Python backend binding for
libpam or libnss, or a python binding for the pppd plugin mechanism.

I'm trying to set up an SQL authentication scheme for virtual user accounts
used for mail and PPTP-VPN-access, and I'd love to do the authentication bit
in Python. And, yes, I know about pam-mysql and nss-mysql, but both projects
are old and unmaintained, and I use Oracle as backend DB anyway.

If anybody knows of any project which has implemented a part of this, I'd love
to hear about the effort...

--
--- Heiko.
listening to: Wir Sind Helden - Du Erkennst Mich Nicht Wieder
see you at: http://www.stud.mh-hannover.de/~hwundram/wordpress/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQBCVLqwf0bpgh6uVAMRAtwyAJ9J1gcvX0/X2SkUmLSCTj7+dS7n5ACfV9Us
28Bk8RK1SRtf0Yrv3ca4ySQ=
=5E+j
-----END PGP SIGNATURE-----

 

[Diez B. Roggisch]

Hey all!

Before I start hacking away, I'm looking for a Python backend binding for
libpam or libnss, or a python binding for the pppd plugin mechanism.

I'm trying to set up an SQL authentication scheme for virtual user
accounts used for mail and PPTP-VPN-access, and I'd love to do the
authentication bit in Python. And, yes, I know about pam-mysql and
nss-mysql, but both projects are old and unmaintained, and I use Oracle as
backend DB anyway.

If anybody knows of any project which has implemented a part of this, I'd
love to hear about the effort...

I've been using pyton-pam before. Works as expected - but pam frustrated me
a bit, and you gotta run as root for it to work - a thing I didn't want to
do.

No idea for pppd.

 

[Diez B. Roggisch]

I've been using pyton-pam before. Works as expected - but pam frustrated

me a bit, and you gotta run as root for it to work - a thing I didn't want
to do.

Ok, I just found that you wanted to play from the other side of the fence -
never mind my answer.

 

[Gerald Klix]

Well, I am actually playing, right now. For http://www.carelix.org I
implemented
a module that
* adds a user to passwd and
* authenticates that user given a certificate and some other info on
removable media
* it creates an encrypted loopback file, that is mounted as the
user's home directory utilising Loop-AES and the certficate on the floppy
* and it opens an openvpn connection using the same certificate
* and, of course, unmounts the loopback file and terminates the vpn
on logout.

Perhaps this is somewhat more than playing

cya,
Gerald