The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

Интерактивная система просмотра системных руководств (man-ов)

 ТемаНаборКатегория 
 
 [Cписок руководств | Печать]

pam_smbfs_login (5)
  • >> pam_smbfs_login (5) ( Solaris man: Форматы файлов )
    •  

    NAME

    pam_smbfs_login - PAM user credential authentication module for SMB/CIFS client login
 

    SYNOPSIS

    pam_smb_cred.so.1

     

    DESCRIPTION

    The pam_smbfs_login module implements pam_sm_setcred(3PAM) to provide functions that act equivalently to the smbutil(1) login command.

    This optional functionality is meant to be used only in environments that do not run Active Directory or Kerberos, but which synchronize passwords between Solaris clients and their CIFS/SMB servers.

    This module permits the login password to be stored as if the smbutil(1) login command was used to store a password for PAM_USER in the user or system default domain. The choice of default domain is the first of the following:
    -Domain entry specified in the default section of the $HOME/.nsmbrc file, if readable.
    -Domain entry specified in the default section shown by the sharectl get smbfs command.
    -String WORKGROUP.

    Because pam_smbfs_login runs as root during the login process, a $HOME/.nsmbrc file accessed through NFS may only be readable if the file permits reads by others. This conflicts with the requirement that passwords stored in $HOME/.nsmbrc are ignored when permissions are open.

    To use this functionality, add the following line to the /etc/pam.conf file: 

    login  auth optional    pam_smbfs_login.so.1

    Authentication service modules must implement both pam_sm_authenticate(3PAM) and pam_sm_setcred(3PAM). In this module, pam_sm_authenticate(3PAM) always returns PAM_IGNORE.

    The pam_sm_setcred(3PAM) function accepts the following flags:

    PAM_REFRESH_CRED

    Returns PAM_IGNORE.

    PAM_SILENT

    Suppresses messages.

    PAM_ESTABLISH_CRED
    PAM_REINITIALIZE_CRED

    Stores the authentication token for PAM_USER in the same manner as the smbutil(1) login command.

    PAM_DELETE_CRED

    Deletes the stored password for PAM_USER in the same manner as the smbutil(1) logout command.

    The following options can be passed to the pam_smbfs_login module:

    debug

    Produces syslog(3C) debugging information at the LOG_AUTH or LOG_DEBUG level.

    nowarn

    Suppresses warning messages.

     

    FILES

    $HOME/.nsmbrc

    Find default domain, if present.

     

    ERRORS

    Upon successful completion of pam_sm_setcred(3PAM), PAM_SUCCESS is returned. The following error codes are returned upon error:

    PAM_USER_UNKNOWN

    User is unknown.

    PAM_AUTHTOK_ERR

    Password is bad.

    PAM_AUTH_ERR

    Domain is bad.

    PAM_SYSTEM_ERR

    System error.

     

    ATTRIBUTES

    See attributes(5) for descriptions of the following attribute:

    ATTRIBUTE TYPEATTRIBUTE VALUE
    Interface StabilityCommitted
    MT Level

     

    SEE ALSO

    smbutil(1), syslog(3C), libpam(3LIB), pam(3PAM), pam_setcred(3PAM), pam_sm(3PAM), pam_sm_authenticate(3PAM), pam_sm_chauthtok(3PAM), pam_sm_setcred(3PAM), pam.conf(4), attributes(5), smbfs(7FS)  

    NOTES

    The interfaces in libpam(3LIB) are MT-Safe only if each thread within the multi-threaded application uses its own PAM handle.

     

    Index

    NAME
    SYNOPSIS
    DESCRIPTION
    FILES
    ERRORS
    ATTRIBUTES
    SEE ALSO
    NOTES

    Поиск по тексту MAN-ов: 




    Партнёры:
    PostgresPro
    Inferno Solutions
    Hosting by Hoster.ru
    Хостинг:

    Закладки на сайте
    Проследить за страницей     		Created 1996-2024 by Maxim Chirkov
    Добавить, Поддержать, Вебмастеру