summaryrefslogtreecommitdiff
path: root/source3/pam_smbpass/README
diff options
context:
space:
mode:
authorJohn Terpstra <jht@samba.org>2001-04-24 20:00:12 +0000
committerJohn Terpstra <jht@samba.org>2001-04-24 20:00:12 +0000
commit2321514e9300ac85a1976318bae18a6b177f25c9 (patch)
treefe7bbb36aaba15deb9f13f3324c696cc06fd8a2d /source3/pam_smbpass/README
parent61da9a7e939df69e3feb7d4854b42f72c132a21f (diff)
downloadsamba-2321514e9300ac85a1976318bae18a6b177f25c9.tar.gz
samba-2321514e9300ac85a1976318bae18a6b177f25c9.tar.bz2
samba-2321514e9300ac85a1976318bae18a6b177f25c9.zip
Added Steve Langasek <vorlon@netexpress.net> pam_smbpass PAM module code.
Note: Still have to add build stuff - not ready yet. (This used to be commit 1de7022f98b64b15503aaf48c8d729789fc49781)
Diffstat (limited to 'source3/pam_smbpass/README')
-rw-r--r--source3/pam_smbpass/README66
1 files changed, 66 insertions, 0 deletions
diff --git a/source3/pam_smbpass/README b/source3/pam_smbpass/README
new file mode 100644
index 0000000000..6f50ce4d2c
--- /dev/null
+++ b/source3/pam_smbpass/README
@@ -0,0 +1,66 @@
+25 Mar 2001
+
+pam_smbpass is a PAM module which can be used on conforming systems to
+keep the smbpasswd (Samba password) database in sync with the unix
+password file. PAM (Pluggable Authentication Modules) is an API supported
+under some Unices, such as Solaris, HPUX and Linux, that provides a
+generic interface to authentication mechanisms.
+
+For more information on PAM, see http://ftp.kernel.org/pub/linux/libs/pam/
+
+This module authenticates a local smbpasswd user database. If you require
+support for authenticating against a remote SMB server, or if you're
+concerned about the presence of suid root binaries on your system, it is
+recommended that you use one of the other two following modules
+
+ pam_smb - http://www.csn.ul.ie/~airlied/pam_smb/
+ authenticates against any remote SMB server
+
+ pam_ntdom - ftp://ftp.samba.org/pub/samba/pam_ntdom/
+ authenticates against an NT or Samba domain controller
+
+Options recognized by this module are as follows:
+
+ debug - log more debugging info
+ audit - like debug, but also logs unknown usernames
+ use_first_pass - don't prompt the user for passwords;
+ take them from PAM_ items instead
+ try_first_pass - try to get the password from a previous
+ PAM module, fall back to prompting the user
+ use_authtok - like try_first_pass, but *fail* if the new
+ PAM_AUTHTOK has not been previously set.
+ (intended for stacking password modules only)
+ not_set_pass - don't make passwords used by this module
+ available to other modules.
+ nodelay - don't insert ~1 second delays on authentication
+ failure.
+ nullok - null passwords are allowed.
+ nonull - null passwords are not allowed. Used to
+ override the Samba configuration.
+ migrate - only meaningful in an "auth" context;
+ used to update smbpasswd file with a
+ password used for successful authentication.
+ smbconf=<file> - specify an alternate path to the smb.conf
+ file.
+
+See the samples/ directory for example PAM configurations using this
+module.
+
+Thanks go to the following people:
+
+* Andrew Morgan <morgan@transmeta.com>, for providing the Linux-PAM
+framework, without which none of this would have happened
+
+* Christian Gafton <gafton@redhat.com> and Andrew Morgan again, for the
+pam_pwdb module upon which pam_smbpass was originally based
+
+* Luke Leighton <lkcl@switchboard.net> for being receptive to the idea,
+and for the occasional good-natured complaint about the project's status
+that keep me working on it :)
+
+* and of course, all the other members of the Samba team
+<samba-bugs@samba.org>, for creating a great product and for giving this
+project a purpose
+
+---------------------
+Stephen Langasek <vorlon@netexpress.net>