0

I write a pam module that is called when user execute the sudo command. I have already got the username, password, tty, but now, I have to get the user command to encrypt.

If user exec 

sudo ls -l

I have to get ls -l

I have no pam app for my module. (So I use only pam_modules.h) and my module is called first in /etc/pam.d/sudo

I thought about using the netlink socket like pam_tty_audit, but I don't thinks this is the best method (or the most simple)

Have you any idea for getting the user command ?

Thank you and sorry for my bad english

Tristan
  • 3,192
  • 3
  • 20
  • 32
Aurel
  • 3
  • 3

1 Answers1

0

According to the API documentation of sudo's authentication mechanisms, the command is not passed to the authentication backend, so PAM is the wrong place to do whatever you are trying to do. Consider writing a sudo plugin instead.

Phillip
  • 13,448
  • 29
  • 41