The authentication procedure is a manual one. The user has to type in a user name and password. If you have a complex PAM configuration with many modules, manually testing it will take some time. Moreover, when you change a minor thing, you have to go though all the test cases again.
The pamtester utility introduced in the previous section is an interactive command-line program—you have to type in the authentication token (password) for each test case.
It is possible to automate PAM testing by combining pamtester with Expect. Expect is a general software package, which can be used to turn interactive command-line programs into non-interactive programs. It is out of the scope for this book to describe Expect in detail but you can learn more at http://expect.nist.gov/. An Expect script for automated testing of the httpd service is shown below:
#!/usr/bin/expect -f # pamtest - automated PAM tests send_user "Valid user, valid password" spawn pamtester httpd pamela authenticate...