Solaris and pam_setcred() functionality
I am trying to get MySQL authentication plugin working via PAM on Solaris 11. There are two main parts to my questioning:
1. Can I simply bypass pam_unix_cred.so in the pam.conf and still have an effective match in pam_unix_auth.so? I don't see why this would not be possible, but I would like to know if there are any dangers to watch out for here.
2. In doing the bypass, the plugin goes through the pam auth and account stage fine, but errors out on pam_setcred using PAM_ESTABLISHED_CRED. Should this be PAM_REINITIALISE_CRED to manage the task changes or is there some other catch to be aware of here?
Thanks for the help!