Autres
AideEnLigne
CahierDeBrouillon
Présentation
Administration

MesLectures
[Journal d'Ophelia]
[Blog Larnac]
[Traitement texte en ligne]
[Kim Khal]

Informations
[Rue 89]
[Tele libre]

DNS etc
[Robtex]
Logins
Votre ID: 111
Nom:
Login utilisateur
Mot de passe éditeur

PAMViteFait

Différence (depuis la version majeure précédente) (Pas d'autres comparaisons)

Modifié: 10c10,11
*rule line syntax in esch file:
*rules may be stacked to combine the services of a number of PAMs for a given auth task
*rule line syntax in each file:

Effacé: 12d12
, password and session

Modifié: 14,15c14,25
*control: behavior of PAM-Api should th emodule fails to authenticate. might be value=action pairs
**valid control vals: requisite (immediate termination). required (failure after all the stacked modules execution) sufficient (success is enough to satisfy auth requirements) optional (success important if it is the only module in stack) include
*control: behavior of PAM-api should the module fails to authenticate. might be value=action pairs
**valid control values:
***requisite > immediate termination
***required > failure after all the stacked modules execution
***sufficient success is enough to satisfy auth requirements. module stack exiting
***optional success important if it is the only module in stack
***include (new in Linux), include file as argument of this control
**complex control vals : value=action value2=action2, ...





PAM Linux quick & dirty guide

  • set of libs to handle auth tasks
  • dynamically configurable
  • separeted in 4 segment groups Editer cette page.
    • account: account verif pasord expired ? user permitted to access this service ?
    • authentication: who are you. Password verif
    • password: reponsability of updating auth mechanism
    • session: before and after service tasks: audit trails, mounting/unmounting
  • rules may be stacked to combine the services of a number of PAMs for a given auth task
  • rule line syntax in each file:
  type control module-path module-arguments
  • type: management group for the rule. Valid types are account, auth, password, session
  • control: behavior of PAM-api should the module fails to authenticate. might be value=action pairs
    • valid control values:
      • requisite > immediate termination
      • required > failure after all the stacked modules execution
      • sufficient success is enough to satisfy auth requirements. module stack exiting
      • optional success important if it is the only module in stack
      • include (new in Linux), include file as argument of this control
    • complex control vals : value=action value2=action2, ...