We do this very thing. What you do is add a default entry in your users file using PAM, then build a pam file for the method of authentication you are using. We use LDAP, so we point to the pam_ldap.so libraries. You would point yours to whatever you want to use. I am not sure if pwdb is supported, but I know a lot of other good DB/directory formats are. Hope this helps. Cliff On Tue, 16 Jan 2001, Jeremiah Johnson wrote:
Hrm. Strange, I am very surprised that there is no similar functionality in linux as there is in BSD for this problem. Password databases are in use by default on Freebsd (as far back as Freebsd 2.2.8(9?) from what I've seen). Somebody out there has to have more information on this.
-miah
On Tue, Jan 16, 2001 at 04:57:07PM -0500, Egan wrote:
Now I know why they said that.
They were talking about RADIUS clients authenticating via PAM pwdb, and in the SuSE pwdb docs I just read, pam_pwdb is nothing more than a wrapper to the /etc/passwd file! Arrggh!
That's what I'm trying to avoid. If /etc/passwd is not a database, then each lookup must be a simple linear search.
Maybe pam_mysql is a possibility, but I've not had time to get mysql running yet.
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com