Home Contact Download

asyd.net

Welcome to Bruno Bonfils's (aka asyd homepage).
Trace:

Differences

This shows you the differences between the selected revision and the current version of the page.

projects:pam_eaccess 2005/11/07 09:41 projects:pam_eaccess 2008/10/03 08:25 current
Line 9: Line 9:
  * file backend   * file backend
  * per service definition   * per service definition
 +  * LDAP backend
=====Roadmap===== =====Roadmap=====
-  * LDAP backend 
  * SQL backend   * SQL backend
-  * Per user IP source filter+  * Per user IP filter
======Installation==== ======Installation====
Line 21: Line 21:
<code> <code>
-# svn co http://svn.asyd.net/svn/pam_eaccess/tags/20051107 pam_eaccess+# svn co http://svn.asyd.net/svn/pam_eaccess/releases/0.1 pam_eaccess
# cd pam_eaccess # cd pam_eaccess
# autoconf # autoconf
Line 34: Line 34:
<code> <code>
-# wget http://asyd.net/upstream/pam_eaccess-20051107.tar.gz +# wget http://asyd.net/upstream/pam_eaccess-0.1.tar.gz 
-# tar xvfz pam_eaccess-20051107.tar.gz+# tar xvfz pam_eaccess-0.1.tar.gz
# cd pam_eaccess # cd pam_eaccess
# ./configure # ./configure
Line 73: Line 73:
======Testing====== ======Testing======
 +
 +=====Requirements=====
There is a very simple way to test the pam_eaccess module, you need : There is a very simple way to test the pam_eaccess module, you need :
Line 80: Line 82:
  * pam_eaccess   * pam_eaccess
 +=====pam.d/<service> file=====
 +
 +Create a pam.d resource file for a test service, like pameaccesstest, which contains :
 +
 +///etc/pam.d/pameaccess//
 +<code>
 +auth      required    pam_eaccess.so debug
 +auth      required    pam_pwdfile.so pwdfile /etc/others.passwd
 +</code>
 +
 +=====passwd file=====
 +
 +Create the file /etc/others.passwd which contains something like :
 +
 +///etc/others.passwd//
 +<code>
 +asyd:password
 +bruno:password
 +</code>
 +
 +Checking doc which come with your pwdfile upstream to know the format of password you must use (probably crypt/MD5)
 +
 +=====Testing=====
 +
 +Play with /etc/pam-access.conf, and use the pam-test.pl which comes with pam_eaccess
 +
 +<code>
 +# echo "pamaccess: asyd" > /etc/pam.access
 +# ./pam-test.pl pamaccess asyd mysecret
 +[pam_myaccess.c:pam_sm_authenticate(52)] module called for service: pamaccess, user: asyd
 +[pam_myaccess.c:pam_sm_authenticate(59)] no backend defined, use file
 +[backends/file.c:check_access_file(70)] service pamaccess match pamaccess
 +[backends/file.c:check_access_file(90)] user asyd match asyd
 +Authentication succeeded
 +</code>
 +~~DISCUSSION~~