This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
PAM Service Types
PAM Service Types

Version management

Difference between version and

At line 1 added 30 lines
!!! Overview
The [{$pagename}] is the management group that the rule corresponds to. The [{$pagename}] is used to specify which of the management groups the subsequent module is to be associated with. Valid entries are described below.
!!!account
The account module type performs non-authentication based account management.
The account module is typically used to restrict/permit access to a service based on the time of day, currently available system resources (maximum number of users) or perhaps the location of the applicant user -- 'root' login only on the console.
Used for determining whether the current user's account is valid. Modules that provide this service can check password or account expiration and time-restricted access.
!!!auth
The auth module type provides two aspects of authenticating the user. Firstly, it establishes that the user is who they claim to be, by instructing the application to prompt the user for a password or other means of identification. Secondly, the module can grant group membership or other privileges through its credential granting properties.
Used for granting users access to an account or service. Modules that provide this service authenticate users and set up user credentials.
!!!password
The password module type is required for updating the authentication token associated with the user. Typically, there is one module for each 'challenge/response' based authentication (auth) type.
Used for For enforcing password strength rules and performing authentication token updates.
!!!session
The session module type is associated with doing things that need to be done for the user before/after they can be given service. Such things include the logging of information concerning the opening/closing of some data exchange with a user, mounting directories, etc.
Used For setting up and terminating login sessions.
%%information
An individual module can provide any or all interfaces for PAM Types. For instance, pam_unix.so module provides all four interfaces for PAM Types.
%%
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop