diff options
| author | Thorsten Kukuk <kukuk@thkukuk.de> | 2004-09-28 13:48:45 +0000 |
|---|---|---|
| committer | Thorsten Kukuk <kukuk@thkukuk.de> | 2004-09-28 13:48:45 +0000 |
| commit | 6fb01537462a326a139f0c2d975145b26cd54bbe (patch) | |
| tree | 5cc76f47e9687823164fa214fb801ce0f37a0766 /modules/pam_userdb/README | |
| parent | 328d7328e5b4ea8d60164ce874bada2f4f58a201 (diff) | |
| download | pam-6fb01537462a326a139f0c2d975145b26cd54bbe.tar.gz pam-6fb01537462a326a139f0c2d975145b26cd54bbe.tar.bz2 pam-6fb01537462a326a139f0c2d975145b26cd54bbe.zip | |
Relevant BUGIDs:
Purpose of commit:
Commit summary:
---------------
bugfix:
* Merge patches from Red Hat (Bug 477000 and other - kukuk)
* Fix pam_rhosts option parsing (Bug 922648 - kukuk)
Diffstat (limited to 'modules/pam_userdb/README')
| -rw-r--r-- | modules/pam_userdb/README | 29 |
1 files changed, 26 insertions, 3 deletions
diff --git a/modules/pam_userdb/README b/modules/pam_userdb/README index 9fa6519d..fc56cfa0 100644 --- a/modules/pam_userdb/README +++ b/modules/pam_userdb/README @@ -1,6 +1,7 @@ pam_userdb: Look up users in a .db database and verify their password against - what is contained in that database. + what is contained in that database. The database will have been + created using db_load. RECOGNIZED ARGUMENTS: debug write a message to syslog indicating success or @@ -8,7 +9,9 @@ RECOGNIZED ARGUMENTS: db=[path] use the [path] database for performing lookup. There is no default; the module will return PAM_IGNORE if - no database is provided. + no database is provided. Some versions of DB will + automatically append ".db" to whatever pathname you + supply here. crypt=[mode] indicates whether encrypted or plaintext passwords are stored in the database. If [mode] is "crypt", @@ -24,8 +27,28 @@ RECOGNIZED ARGUMENTS: dump dump all the entries in the database to the log (eek, don't do this by default!) + use_authtok use the authentication token previously obtained by + another module that did the conversation with the + application. If this token can not be obtained then + the module will try to converse again. This option can + be used for stacking different modules that need to + deal with the authentication tokens. + + unknown_ok do not return error when checking for a user that is + not in the database. This can be used to stack more + than one pam_userdb module that will check a + username/password pair in more than a database. + + key_only the username and password are concatenated together + in the database hash as 'username-password' with a + random value. if the concatenation of the username and + password with a dash in the middle returns any result, + the user is valid. this is useful in cases where + the username may not be unique but the username and + password pair are. + MODULE SERVICES PROVIDED: - auth _authetication and _setcred (blank) + auth _authentication and _setcred (blank) EXAMPLE USE: auth sufficient pam_userdb.so icase db=/tmp/dbtest.db |