LINUX CATEGORIES:

GLOBAL PAGES >>
NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>

Find us on Google+

WEEK'S BEST

Linux Kernel 3.9.2 / 3....

LibreOffice 3.6.6 / 4.0.3

MPlayer 1.1.1

systemd 204

Arch Linux 2013.05.01

Blender 2.67

KDE Software Compilatio...

CrunchBang Linux Stable...

Elementary OS 0.1 / 0.2...

SystemRescueCd 3.6.0

Home > Linux > System > System Administration

PAM-script 1.1.1


Downloads: 855	View global page NEW! Tell us about an update

User Rating:
Rated by:

Good (3.7/5)
14 user(s)


Developer: License / Price: Last Updated: Category:	Jeroen Nijhof \| More programs GPL / FREE April 21st, 2008, 21:03 GMT [view history] ROOT / System / System Administration

Read user reviews (0)

Refer to a friend

PAM-script description

Allows you to execute scripts during authorization, passwd changes, and on session opening or closing.

PAM-script project allows you to execute scripts during authorization, passwd changes, and on session opening or closing. Such scripts can perform necessary tasks or influence the outcome of the PAM stack.

For example, if the entry "sshd auth required pam_script" was included in pam.conf, and if the pam_script_auth script exits with a non-zero value, this would cause the user to be denied SSH access to the machine.

Options to pam_script.so:

onerr=(success|fail) - default behavior if the module can not find
or execute the various pam-scripts. The default is 'fail'.

dir=/some/path - where to find the pam-scripts listed below.

All options are passed on to the script commandlines and those not
intercepted by PAM may be used to modify the script behavior.

Module-type and Scripts:

auth: pam_script_auth - username/password handshake
account: pam_script_acct - non-auth account management
passwd: pam_script_passwd - changing a password
session: pam_script_ses_open - actions performed before and
pam_script_ses_close after a session

All the scripts will be passed several environment variables:
PAM_USER, PAM_RUSER, PAM_RHOST, PAM_SERVICE, PAM_AUTHTOK,
PAM_TTY, and PAM_TYPE referring to the module-type.
Whether the variable has a non-null value or not depends on the
context.

Pam.conf example:

--- start pam.conf ---
ssh auth required pam_script.so
ssh session required pam_script.so
ssh passwd required pam_script.so
--- end pam.conf ---

or as an extra step (here pam_script.so is optional because this application
does some extra logging and doesn't want access denied if there is a problem):

--- start pam.conf ---
ssh auth required pam_unix.so
ssh auth optional pam_script.so
ssh session required pam_unix.so
ssh session optional pam_script.so
ssh passwd required pam_unix.so
ssh passwd optional pam_script.so
--- end pam.conf ---

This example application has the pam_script_auth script check a database
and return non-zero if the user should not be granted access. If the
script does not exist or is not executable at all levels (chmod a+x)
then deny access.

ssh auth required pam_unix.so
ssh auth required pam_script.so onerr=fail

Debugging:

Get the pamtest.c program from the pam-dotfile distribution and it can be
used to step through the module.

Product's homepage

What's New in This Release: [ read full changelog ]

· Added converse functionality.

TAGS:	PAM authentication \| PAM module \| PAM authorization \| PAM \| authentication \| authorization	SHARE THIS
		TWEET THIS

Go to top

SUBMIT PROGRAM \| ADVERTISE \| GET HELP \| SEND US FEEDBACK \| RSS FEEDS \| UPDATE YOUR SOFTWARE \| ROMANIAN FORUM
© 2001 - 2013 Softpedia. All rights reserved. Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.	Copyright Information \| Privacy Policy \| Terms of Use

LINUX CATEGORIES:

PAM-script 1.1.1

PAM-script description

Allows you to execute scripts during authorization, passwd changes, and on session opening or closing.

TAGS:

Share, bookmark, add