The Linux-PAM System Administrators' Guide

Andrew G. Morgan, morgan@kernel.org

1. Introduction

2. Some comments on the text

3. Overview

• 3.1 Getting started

4. The Linux-PAM configuration file

• 4.1 Configuration file syntax
• 4.2 Directory based configuration
• 4.3 Generic optional arguments
• 4.4 Example configuration file entries

5. Security issues of Linux-PAM

• 5.1 If something goes wrong
• 5.2 Avoid having a weak `other' configuration

6. A reference guide for available modules

• 6.1 The access module
• 6.2 Chroot
• 6.3 Cracklib pluggable password strength-checker
• 6.4 The locking-out module
• 6.5 Set/unset environment variables
• 6.6 The filter module
• 6.7 Anonymous access module
• 6.8 The group access module
• 6.9 Add issue file to user prompt
• 6.10 The Kerberos 4 module.
• 6.11 The last login module
• 6.12 The resource limits module
• 6.13 The list-file module
• 6.14 The mail module
• 6.15 Create home directories on initial login
• 6.16 Output the motd file
• 6.17 The no-login module
• 6.18 The promiscuous module
• 6.19 The Password-Database module
• 6.20 The RADIUS session module
• 6.21 The rhosts module
• 6.22 The root access module
• 6.23 The securetty module
• 6.24 The login counter (tallying) module
• 6.25 Time control
• 6.26 The Unix Password module
• 6.27 The userdb module
• 6.28 Warning logger module
• 6.29 The wheel module

7. Files

8. See also

9. Notes

10. Author/acknowledgments

11. Bugs/omissions

12. Copyright information for this document