The Linux-PAM package contains Pluggable Authentication Modules. This is useful to enable the local system administrator to choose how applications authenticate users.
Download (HTTP): http://www.kernel.org/pub/linux/libs/pam/pre/library/Linux-PAM-0.99.7.1.tar.bz2
Download (FTP): ftp://ftp.kernel.org/pub/linux/libs/pam/pre/library/Linux-PAM-0.99.7.1.tar.bz2
Download MD5 sum: 385458dfb4633071594e255a6ebec9da
Download size: 872 KB
Estimated disk space required: 18 MB
Estimated build time: 0.5 SBU
Optional documentation: http://www.kernel.org/pub/linux/libs/pam/pre/doc/Linux-PAM-0.99.7.1-docs.tar.bz2
libxslt-1.1.20, DocBook XML DTD-4.5, DocBook XSL Stylesheets-1.69.1, w3m, and FOP-0.93
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/linux-pam
If you downloaded the documentation, unpack the tarball from the same top-level directory you unpacked the source tarball from. The files will unpack into the correct directories of the source tree.
Install Linux-PAM by running the following commands:
./configure --libdir=/usr/lib \
--sbindir=/lib/security \
--enable-securedir=/lib/security \
--docdir=/usr/share/doc/Linux-PAM-0.99.7.1 \
--enable-read-both-confs &&
make
The test suite will not provide meaningful results until the package has been installed and minimally configured. If, after installing the package and creating a minimum configuration as shown below in the 'other' example, you wish to run the tests, issue make check.
Now, as the root user:
make install && chmod -v 4755 /lib/security/unix_chkpwd && mv -v /lib/security/pam_tally /sbin && mv -v /usr/lib/libpam*.so.0* /lib && ln -v -sf ../../lib/libpam.so.0.81.6 /usr/lib/libpam.so && ln -v -sf ../../lib/libpamc.so.0.81.0 /usr/lib/libpamc.so && ln -v -sf ../../lib/libpam_misc.so.0.81.2 /usr/lib/libpam_misc.so
--libdir=/usr/lib: This
parameter results in the libraries being installed in /usr/lib.
--sbindir=/lib/security:
This parameter results in two executables, one which is not
intended to be run from the command line, being installed in the
same directory as the PAM modules. One of the executables is later
moved to the /sbin directory.
--enable-securedir=/lib/security:
This parameter results in the PAM modules being installed in
/lib/security.
--docdir=...: This
parameter results in the documentation being installed in a
versioned directory name.
--enable-read-both-confs:
This parameter allows the local administrator to choose which
configuration file setup to use.
chmod -v 4755
/lib/security/unix_chkpwd: The unix_chkpwd password-helper
program must be setuid so that non-root processes can access the shadow-password
file.
mv -v /lib/security/pam_tally /sbin: The pam_tally program is designed to be run by the system administrator, possibly in single-user mode, so it is moved to the appropriate directory.
mv -v /usr/lib/libpam*.so.0*
/lib: This command moves the dynamic libraries to
/lib as they may be required in
single user mode.
ln -v -sf ...: These
commands recreate the .so symlinks as
the libraries they pointed to were moved to /lib.
Configuration information is placed in /etc/pam.d/ or /etc/pam.conf depending on system administrator
preference. Below are example files of each type:
# Begin /etc/pam.d/other
auth required pam_unix.so nullok
account required pam_unix.so
session required pam_unix.so
password required pam_unix.so nullok
# End /etc/pam.d/other
# Begin /etc/pam.conf
other auth required pam_unix.so nullok
other account required pam_unix.so
other session required pam_unix.so
other password required pam_unix.so nullok
# End /etc/pam.conf
The PAM man page (man pam) provides a good starting point for descriptions of fields and allowable entries. The Linux-PAM System Administrators' Guide is recommended for additional information.
Refer to http://www.kernel.org/pub/linux/libs/pam/modules.html for a list of various modules available.
![[Important]](../images/important.png)
You should now reinstall the Shadow-4.0.17 package.
Last updated on 2007-04-04 21:42:53 +0200