1

I have written a pam module using Golang and C, similar to https://github.com/uber/pam-ussh. I am noticing an issue with the signal handler of Golang even though my PAM module is never called to authenticate.

In strace output, I can see that all modules defined in /etc/pam.d/sudo is being opened, so I want to understand what does a shared object created using CGO do when loaded?

Tried strace and see that it creates a new child process using clone() although I am not sure why. I would have thought that unless the method pam_sm_authenticate is called, my shared object shouldn't do anything.

KeepAsking
  • 11
  • 1
  • `clone` is just creating a new thread. The go runtime is always multithreaded. What is the actual issue you are trying to solve? – JimB Jul 18 '23 at 23:09
  • @JimB I think primarily I want to understand what happens when a shared object (created using cgo) is loaded? Why are new threads being created just on load. I thought it should be created during execution – KeepAsking Jul 19 '23 at 14:12
  • It's not specified anywhere, but it's reasonable to assume that the runtime will initialize itself when the library is loaded, it needs to be initialized before any Go calls are made anyway. – JimB Jul 19 '23 at 15:45

0 Answers0