pam_eaccess 0.1 review
Downloadpam_eaccess is a PAM module which add a generic way to do authorization
|
|
pam_eaccess is a PAM module which add a generic way to do authorization. Indeed, for each service (for which you want add authorization) you can define the list of users (or all) who are allowed to connect to this service.
Here are some key features of "pam eaccess":
file backend
per service definition
Installation:
tar xvfz pam_eaccess-0.1.tar.gz
cd pam_eaccess
./configure
make
sudo make install
Usage:
pam.d/< service >
Well, it’s actually very simple, you just need to add the following line to pam config :
auth required pam_eaccess.so
Note: the keyword debug is supported.
/etc/pam-access.conf
Note: this filename is actually hardcoded, you can’t use another destination
pamtest: asyd, bruno
login: [ALL]
This file has the following form :
one service per line, the service name MUST be followed by :
users lists coma separated
The keyword [ALL] which can be used for service and/or users act as a wildcard.
Requirements:
pam_pwdfile
Perl module Authen::PAM
pam_eaccess
pam_eaccess 0.1 keywords