git Service of IN-Ulm e.V. Explore Help
Sign In
cbiedl
/
ngircd
1
0
Fork 0
Files
Tree: 5adb9eb085
Branches Tags
ngircd
/
doc
/
PAM.txt

PAM.txt 1.9 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849 
  1. 

  2.                      ngIRCd - Next Generation IRC Server
    3. 

  3.                            http://ngircd.barton.de/
    4. 

  4. 

  5.                (c)2001-2013 Alexander Barton and Contributors.
    6. 

  6.                ngIRCd is free software and published under the
    7. 

  7.                    terms of the GNU General Public License.
    8. 

  8. 

  9.                                  -- PAM.txt --
    10. 

  10. 

  11. 

  12. ngIRCd can optionally be compiled to use PAM, the Pluggable Authentication
    13. 

  13. Modules library, for user authentication. When compiled with PAM support,
    14. 

  14. ngIRCd will authenticate all users connecting to the daemon using the
    15. 

  15. configured PAM modules in an asynchronous child process.
    16. 

  16. 

  17. To enable PAM, you have to pass the command line parameter "--with-pam" to
    18. 

  18. the "configure" script. Please see the PAM documentation ("man 7 pam") for
    19. 

  19. details and information about configuring PAM and its individual modules.
    20. 

  20. 

  21. A very simple -- and quite useless ;-) -- example would be:
    22. 

  22. 

  23. 	/etc/pam.d/ngircd:
    24. 

  24. 	  auth  required  pam_debug.so
    25. 

  25. 

  26. Here the "pam_debug" module will be called each time a client connects to
    27. 

  27. the ngIRCd and has sent its PASS, NICK, and USER commands.
    28. 

  28. 

  29. The PAM library used by the ngIRCd daemon must be able to access its
    30. 

  30. configuration file, so don't forget to check permissions and run something
    31. 

  31. like this: "chmod 644 /etc/pam.d/ngircd".
    32. 

  32. 

  33. Please note ONE VERY IMPORTANT THING:
    34. 

  34. 

  35. All the PAM modules are executed with the privileges of the user ngIRCd
    36. 

  36. is running as. Therefore a lot of PAM modules aren't working as expected,
    37. 

  37. because they need root privileges ("pam_unix", for example)!
    38. 

  38. Only PAM modules not(!) requiring root privileges (such as "pam_pgsql",
    39. 

  39. "pam_mysql", "pam_opendirectory" ...) can be used in conjunction with ngIRCd.
    40. 

  40. 

  41. More Examples:
    42. 

  42. 

  43.  * Use an own "password file" for ngIRCd:
    44. 

  44. 

  45.    Note: you can use the htpasswd(1) utility of Apache to manage password
    46. 

  46.    files used by pam_pwdfile, see "man htpasswd"!
    47. 

  47. 

  48. 	/etc/pam.d/ngircd:
    49. 

  49. 	  auth  required  pam_pwdfile.so pwdfile=/etc/ngircd/ngircd.passwd
    50.