Developer's Daily Unix by Example
  main | java | perl | unix | dev directory | web log
 
 
Main
Unix
Man Pages
   

pam_stack

NAME
SYNOPSIS
DESCRIPTION
ARGUMENTS
EXAMPLE
CAVEAT
BUGS
AUTHOR

NAME

pam_stack ? recurse into other PAM stacks

SYNOPSIS

auth required /lib/security/pam_stack.so service=foo
session optional /lib/security/pam_stack.so service=foo
password optional /lib/security/pam_stack.so service=foo
account optional /lib/security/pam_stack.so service=foo

DESCRIPTION

In a nutshell, pam_stack lets you "call", from inside of the stack for a particular service, the stack defined for any another service. The intention is to allow multiple services to "include" a system-wide setup, so that when that setup needs to be changed, it need only be changed in one place.

ARGUMENTS

debug

turns on debugging via syslog(3).

service=name

tells pam_stack.so to execute the stack defined for the service name, which will usually be another file in /etc/pam.d.

EXAMPLE

/etc/pam.d/imap:
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_shells.so
/etc/pam.d/system-auth:
auth sufficient /lib/security/pam_krb5.so
auth sufficient /lib/security/pam_unix.so shadow nullok
auth required /lib/security/pam_deny.so

CAVEAT

Because recursion is fully supported, there is potential to really break things by having a stack call itself either directly or via mutual recursion.

BUGS

Let’s hope not, but if you find any, please email the author.

AUTHOR

Nalin Dahyabhai <nalin@redhat.com>

copyright 1998-2007, devdaily.com, all rights reserved.
devdaily.com, an alvin j. alexander production.