diff options
| author | Charl Botha <cpbotha@cpbotha.net> | 2000-05-22 20:55:34 +0000 |
|---|---|---|
| committer | Charl Botha <cpbotha@cpbotha.net> | 2000-05-22 20:55:34 +0000 |
| commit | 98713a7b959ff3dd7197e3718b3002635c4e975d (patch) | |
| tree | 069e0051a004392eaf3065458e0019342b765d3a /README | |
| parent | 60d8c9e5a38161624cb7f620b012e85c3b7fb378 (diff) | |
| download | libpam-pwdfile-98713a7b959ff3dd7197e3718b3002635c4e975d.tar.gz | |
Release 0.2 version.
Diffstat (limited to 'README')
| -rw-r--r-- | README | 21 |
1 files changed, 16 insertions, 5 deletions
@@ -1,8 +1,8 @@ README for pam_pwdfile PAM module - Charl P. Botha <cpbotha@ieee.org> -$Id: README,v 1.1.1.1 1999-08-05 13:09:07 cpbotha Exp $ +$Id: README,v 1.2 2000-05-22 20:55:34 cpbotha Exp $ --------------------------------------------------------------------------- -Let's say that this is version 0.1 of pam_pwdfile. +This is version 0.2 of pam_pwdfile. This pam module can be used for the authentication service only, in cases where one wants to use a different set of passwords than those in the main @@ -10,14 +10,21 @@ system password database. E.g. in our case we have an imap server running, and prefer to keep the imap passwords different from the system passwords for security reasons. -The /etc/pam.d/imap looks like this: +The /etc/pam.d/imap looks like this (e.g.) #%PAM-1.0 auth required /lib/security/pam_pwdfile.so pwdfile /etc/imap.passwd account required /lib/security/pam_pwdb.so At the moment the only parameters that pam_pwdfile.so parses for is "pwdfile", followed by the name of the ASCII password database, as in the -above example. +above example. Also, thanks to Jacob Schroeder <jacob@quantec.de>, +pam_pwdfile now supports password file locking. Adding an "flock" parameter +activates this feature: pam_pwdfile uses and honours flock() file locking on +the specified password file. Specifying "noflock" or no flock-type +parameter at all deactivates this feature. + +Example: +auth required /lib/security/pam_pwdfile.so pwdfile /etc/blah.passwd flock The ASCII password file is simply a list of lines, each looking like this: username:crypted_passwd[13] @@ -25,6 +32,10 @@ username:crypted_passwd[13] Note that we still expect users to have accounts in the usual place, as we make use of the pam_pwdb.so module for the account service. This module is just so that one can have multiple sets of passwords for different services, -e.g. with our /etc/imap.passwd. +e.g. with our /etc/imap.passwd. It is however possible with certain +applications patched for pam (Cyrus IMAP server e.g.) that one does not need +the users to exist in the system database. These files have been created for inclusion into the PAM source tree. +Thanks to Michael-John Turner <mj@debian.org> pam_pwdfile is available as a +debian package (libpam-pwdfile) from potato onwards. |