PAM (actually Linux-PAM, or Linux Pluggable Authentication Modules) allows a system administrator to determine how various applications use authentication (page 1455) to verify the identity of a user. PAM provides shared libraries of modules (located in /lib/security) that, when called by an application, authenticate a user. Pluggable refers to the ease with which you can add and remove modules from the authentication stack. The configuration files that are kept in the /etc/pam.d directory determine the method of authentication and contain a list, or stack, of calls to the modules. PAM may also use other files, such as /etc/passwd, when necessary.

Instead of building the authentication code into each application, PAM allows you to use the ...

Get A Practical Guide to Red Hat® Linux® 8 now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.