PAM

Usage

If minbif is compiled with PAM support (configured with ENABLE_PAM=ON at build time), then you may use PAM to authenticate your user. In this case, the passwords stored in the users' preferences in local files are not used anymore, but PAM is called instead. Viewing the current password with /ADMIN password is no more possible, but changing it may be possible if the PAM policy allows it.

Configuration

To use PAM authentication and authorization, add the following to your configuration (in minbif.conf):

aaa {
        use_pam = true
}

WARNING about setting rights properly

If you intend to use the pam_unix mechanisme, beware to run minbif with the proper rights. On Debian systems, minbif is run with a dedicated user, which needs to be added to the shadow group to be able to validate users' passwords (and changing passwords needs more rights).

Also available in: HTML TXT