PAM (actually Linux-PAM, or Linux Pluggable Authentication Modules) allows a system administrator to determine how various applications use authentication (page 1455) to verify the identity of a user. PAM provides shared libraries of modules (located in /lib/security) that, when called by an application, authenticate a user. Pluggable refers to the ease with which you can add and remove modules from the authentication stack. The configuration files that are kept in the /etc/pam.d directory determine the method of authentication and contain a list, or stack, of calls to the modules. PAM may also use other files, such as /etc/passwd, when necessary.

Instead of building the authentication code into each application, PAM allows you to use the ...

Get A Practical Guide to Red Hat® Linux® 8 now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.