PAM Modules
Creating or modifying a PAM configuration requires at least a basic understanding of the available PAM modules. If you check your existing PAM configuration files, you’re likely to see quite a range of module calls, and modifying them to get the results you expect can be tricky if you don’t understand what the existing modules do.
Tip
Some PAM modules can be called for only some management groups. Others can be called as part of a stack for any management group.
Standard PAM Modules
PAM ships with quite a few different modules. Table A-2 summarizes those that you’re most likely to encounter in your existing configuration files. Note that, although some modules directly relate to password handling, others don’t; they’re used to display information to users, set environment variables, and so on. For these modules, PAM is simply a convenient tool for accomplishing their goals. Such modules may not affect the login process at all.
Table A-2. Common standard PAM modules
|
Module filename |
Management groups |
Common arguments |
Description |
|---|---|---|---|
|
|
|
|
Implements the traditional Unix (and Linux) authentication, based on
|
|
|
|
|
A variant on |
Get Linux in a Windows World now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
