2007-10-07 17:14:02 +05:30
|
|
|
|
|
|
|
About PAM support in the Shadow Password Suite
|
|
|
|
|
2007-10-07 17:14:14 +05:30
|
|
|
Warning: this code is still considered BETA. It needs more testing.
|
|
|
|
Please let me know if it works, or if something doesn't work.
|
2007-10-07 17:14:02 +05:30
|
|
|
|
2007-10-07 17:14:14 +05:30
|
|
|
Use "./configure --with-libpam" to enable PAM support in the login,
|
|
|
|
passwd and su applications.
|
2007-10-07 17:14:02 +05:30
|
|
|
|
|
|
|
When compiled with PAM support enabled, the following traditional features
|
|
|
|
of the shadow suite are not implemented directly in the applications -
|
|
|
|
instead, they should be implemented in the PAM modules.
|
|
|
|
|
2007-10-07 17:14:14 +05:30
|
|
|
login:
|
|
|
|
- /etc/login.access
|
|
|
|
- /etc/porttime
|
|
|
|
- resource limits
|
|
|
|
- console groups
|
|
|
|
- password expiration / password strength checks
|
|
|
|
- /etc/motd and mail check
|
|
|
|
|
2007-10-07 17:14:02 +05:30
|
|
|
passwd:
|
|
|
|
- administrator defined authentication methods
|
|
|
|
- password expiration
|
|
|
|
- password strength checks
|
|
|
|
|
|
|
|
su:
|
|
|
|
- wheel group
|
|
|
|
- console groups
|
|
|
|
- su access control (/etc/suauth)
|
|
|
|
- password expiration
|
|
|
|
- time restrictions
|
|
|
|
- resource limits
|
|
|
|
|