pam_dial_auth

- authentication management PAM module for dialups

Synopsis

pam_dial_auth.so.1 

Description

The pam_dial_auth module implements pam_sm_authenticate(3PAM) which authenticates the user according to the dialups(4) and d_passwd(4) files configuration.

Authentication service modules must implement both pam_sm_authenticate() and pam_sm_setcred(). pam_sm_setcred() in this module always returns PAM_IGNORE.

The value of the PAM_TTY item is checked against entries in dialups(4). If there is a match, the user's shell is compared against entries in d_passwd(4). If there is a matching entry, the user is prompted for a password which is validated against the entry found.

The following option may be passed in to this service module:

debug

syslog(3C) debugging information at LOG_DEBUG level.

Errors

If dialups(4) is not present, PAM_IGNORE is returned. Upon successful completion of pam_sm_authenticate(), PAM_SUCCESS is returned. The following error codes are returned upon error:

PAM_AUTH_ERR

Authentication failure.

PAM_SERVICE_ERR

Error in the calling service, PAM_TTY is not set.

PAM_SYSTEM_ERR

System error (d_passwd(4) is not present).

PAM_USER_UNKNOWN

No account is present for user.

Attributes

See attributes(5) for a description of the following attributes:

See Also

pam(3PAM), pam_authenticate(3PAM), pam_sm_authenticate(3PAM), d_passwd(4), dialups(4), libpam(3LIB), pam.conf(4), attributes(5), pam_authtok_check(5), pam_authtok_get(5), pam_authtok_store(5), pam_dhkeys(5), pam_passwd_auth(5), pam_unix_account(5), pam_unix_auth(5), pam_unix_session(5)

Notes

The interfaces in libpam(3LIB) are MT-Safe only if each thread within the multi-threaded application uses its own PAM handle.