aboutsummaryrefslogtreecommitdiff
This pam module provides the authentication service using an own set of user/password pairs.

CONFIGURATION
=============

simple PAM config
-----------------

Just add/change the config file for service to contain the line:

auth		required	pam_pwdfile.so pwdfile=/path/to/passwd_file

If your service does more with PAM than auth there will be a fallback to the service "other".
If that is not what you want, you can use pam_permit.so or pam_deny.so for that:

account		required	pam_permit.so
session		required	pam_permit.so
password	required	pam_deny.so


options
-------

* pwdfile=<file>
* debug: produce a bit of debug output
* nodelay: don't tell the PAM stack to cause a delay on auth failure
* flock: use a shared (read) advisory lock on pwdfile, you should better move new versions into place instead


PASSWORD FILE
=============

The password file basically looks like passwd(5): one line for each user with two or more colon-separated fields.
First field contains the username, the second the crypt()ed password.
Other fields are optional.

crypt()ed passwords in various formats can be generated with mkpasswd from the whois package.