Издательство: | Packt Publishing |
Дата выхода: | январь 2006 |
ISBN: | 9781904811329 |
Объём: | 124 страниц |
A comprehensive and practical guide to PAM for Linux: how modules work and how to implement them, covering 11 common modules, and installation of third-party offerings. Also covers developing your own modules in C. First this book explains how Pluggable Authentication Modules (PAM) simplify and standardize authentication in Linux. It shows in detail how PAM works and how it is configured. Then 11 common modules used across UNIX/Linux distributions are examined and explained, including all their parameters. Installation of third-party modules is discussed, and the development of new modules and PAM-aware applications is outlined PAM-aware applications reduce the complexity of authentication. With PAM you can use the same user database for every login process. PAM also supports different authentication processes as required. Moreover, PAM is a well-defined API, and PAM-aware applications will not break if you change the underlying authentication configuration. The PAM framework is widely used by most Linux distributions for authentication purposes. Originating from Solaris 2.6 ten years ago, PAM is used today by most proprietary and free UNIX operating systems including GNU/Linux, FreeBSD, and Solaris, following both the design concept and the practical details. PAM is thus a unifying technology for authentication mechanisms in UNIX. PAM is a modular and flexible authentication management layer that sits between Linux applications and the native underlying authentication system. PAM can be implemented with various applications without having to recompile the applications to specifically support PAM. This book provides a practical approach to UNIX/Linux authentication. The design principles are explained thoroughly, then illustrated through the examination of popular modules. It is intended as a one-stop introduction and reference to PAM. This book is for experienced system administrators and developers working with multiple Linux/UNIX servers or with both UNIX and Windows servers. It assumes a good level of admin knowledge, and that developers are competent in C development on UNIX-based systems.