Autres
AideEnLigne
CahierDeBrouillon
Présentation
Administration

MesLectures
[Journal d'Ophelia]
[Blog Larnac]
[Traitement texte en ligne]
[Kim Khal]

Informations
[Rue 89]
[Tele libre]

DNS etc
[Robtex]
Logins
Votre ID: 111
Nom:
Login utilisateur
Mot de passe éditeur

PAMViteFait

PAM Linux quick & dirty guide

  • set of libs to handle auth tasks
  • dynamically configurable
  • separeted in 4 segment groups Editer cette page.
    • account: account verif pasord expired ? user permitted to access this service ?
    • authentication: who are you. Password verif
    • password: reponsability of updating auth mechanism
    • session: before and after service tasks: audit trails, mounting/unmounting
  • rules may be stacked to combine the services of a number of PAMs for a given auth task
  • rule line syntax in each file:
  type control module-path module-arguments
  • type: management group for the rule. Valid types are account, auth, password, session
  • control: behavior of PAM-api should the module fails to authenticate. might be value=action pairs
    • valid control values:
      • requisite > immediate termination
      • required > failure after all the stacked modules execution
      • sufficient success is enough to satisfy auth requirements. module stack exiting
      • optional success important if it is the only module in stack
      • include (new in Linux), include file as argument of this control
    • complex control vals : value=action value2=action2, ...