Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ pam_unix(5) — HP-UX 10.20

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

pam(3)

syslog(3)

pam.conf(4)

pam_unix(5)

12 September 1995

NAME

pam_unix − authentication, account, session, and password management PAM modules for UNIX

SYNOPSIS

/usr/lib/security/libpam_unix.1

DESCRIPTION

The UNIX service module for PAM, /usr/lib/security/libpam_unix.1, provides functionality for all four PAM modules: The authentication module, the account management module, the session management module, and the password management module.  The libpam_unix.1 module is a shared object that can be dynamically loaded to provide the necessary functionality upon demand.  Its path is specified in the PAM configuration file.  The system administrator can determine the policy and must be careful to specify the correct modules in the pam.conf file. 
 

Unix Authentication Module

The UNIX authentication component provides functions to verify the identity of a user, and to set user specific credentials.  Authentication of the users by the Unix Authentication Module compares the user entered password with the password from UNIX password database.  If the passwords match, the user is authenticated.  The following options may be passed to the UNIX service module:

debugsyslog(3) debugging information at LOG_DEBUG level

nowarnturn off warning messages

use_first_passIt compares the password in the password database with the user’s initial password (entered when the user authenticated to the first authentication module in the stack).  If the passwords do not match, or if no password has been entered, quit and do not prompt the user for a password.  This option should only be used if the authentication service is designated as optional in the pam.conf configuration file. 

try_first_passIt compares the password in the password database with the user’s initial password (entered when the user authenticated to the first authentication module in the stack).  If the passwords do not match, or if no password has been entered, prompt the user for a password. 

 

Unix Account Management Module

The UNIX account management component provides a function to perform account management.  The account management component retrieves the user’s password entry from the UNIX password database and verifies that the user’s account and password have not expired.  The following option may be passed in to the UNIX service module:

debugsyslog(3) debugging information at LOG_DEBUG level

 

Unix Session Management Module

The UNIX session management component provides functions to initiate and terminate UNIX sessions.  Currently for UNIX, these functions are empty.  The following option may be passed in to the UNIX service module:

debugsyslog(3) debugging information at LOG_DEBUG level

 

Unix Password Management Module

The UNIX password management component provides functions to change passwords.  These functions all retrieve the UNIX password entry from the UNIX password database and set or retrieve the necessary components within the entry (such as the value of the  UNIX password for example).  The following option may be passed in to the UNIX service module:

debugsyslog(3) debugging information at LOG_DEBUG level

 

SEE ALSO

pam(3), syslog(3), pam.conf(4)

Hewlett-PAckard Company  —  HP-UX 10.20  April 1996

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026