Posted by: Eric Hansen
This is going to be a short article, but one I think will be quite useful for people who venture into making their own PAM modules. This might not work for your system, but for mine (and others it seems too), it does. Note too though that I will most likely be writing a series of articles on writing a custom PAM authentication (and possibly other types) module as this can be very useful for custom set ups.
The official PAM documentation for compiling says to do the following:
gcc -fPIC -c pam_module.c gcc -shared -o pam_module.so pam_module.o -lpam
This might work (I personally don’t see why running two different gcc commands but at the same it clearly makes sense as you have to compile the source to a object file, then compile the object file to a shared library). I haven’t tried it, however. What I have been doing is the following:
gcc -fPIC -c pam_module.c
ld -G -o /lib/security/pam_module.so pam_module.o -lpam[/code]
This does the same as above. ld is mostly used for creating shared library. I set the path to /lib/security/ as that's the default path for PAM modules to be found at. If you're running a 64-bit system, however, it could also be /lib64/security/. We link to the PAM library as we need the symbols from it. As for the gcc line, the "-fPIC", I haven't had any problems with it missing. However, its done in the official text so I tried to stay as close as possible to that information.
Ultimately, I created a Bash file, that has the following text:
#!/bin/sh gcc -fPIC -c pam_module.c ld -G -o /lib/security/pam_module.so pam_module.o -lpam rm -rf pam_module.o
I remove the pam_module.o file because it helps me determine if gcc actually compiled the source or not (paranoia really, nothing more).