[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pam different access permissions for users



On Fri, Sep 07, 2001 at 06:29:23PM +0530, Adharsh Praveen R. wrote:
> I want to have a set of users for three different services say  for proxy authentication(squid), for socks & for using pptp.
> The user who can use proxy may or may not have access to use socks.
> In other words the user who can use one service may or may not use other service. Is there any way that I can use PAM
> & provide different  access permissions for different users.

One way to do this is to add
auth required /lib/security/pam_listfile.so item=user sense=allow file=/etc/users.socks
to the socks PAM configuration file, and put the names of the users in
/etc/users.socks (and doing similar things for the other services).

> Also can PAM take the user names from seperate files for seperate services.
> username & password of socks are stored in one file then username & password  of pptp are in some other file.
> PAM should take user names from those particular files for those service & authenticate the users
> Is there any way of doing that. Please let me know.

If these users don't need to log in, the pam_userdb module can do this.
auth required /lib/security/pam_userdb.so db=/etc/sockspasswd.db

To load up /etc/sockspasswd.db, you'd place the data (user names and
passwords on alternating lines) in a file named /etc/sockspasswd and run
"db_load -T -t hash -f /etc/sockspasswd /etc/sockspasswd.db".

HTH,

Nalin





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []