I've build a program in C, I run it on Ubuntu.I'm using PAM to authenticate users, e.g. I launch a client, the client sends username and password, the server authenticate the user.The problem is that if I launch, from userA, the program that makes the PAM authentication, I can only authenticate userA, while if I try to authenticate userB I get:
Failure in pam authentication: Authentication service cannot retrieve authentication info
I can solve this only if I run the program with sudo, but I don't think that's the appropriate approach?
Here's a summary of how I use PAM as of now:
pam_handle_t *handle = NULL;const char *service_name = "myservice";int retval;char *username;retval = pam_start(service_name, NULL, &conv, &handle); // &conv is a pointer to the struct with the standard/default misc_conv functionif (retval != PAM_SUCCESS){ ...}retval = pam_authenticate(handle, 0);if (retval != PAM_SUCCESS) { ...}I've also this file in pam.d folder:
auth required pam_unix.soauth required pam_listfile.so onerr=fail item=group sense=allow file=/etc/login.group.allowedaccount required pam_unix.so