Manualshelf

User guide

ManualsBrandsBlack Box ManualsComputer equipmentACS120
331332333334335336337338339340
Appendix D - Linux-PAM
340 BLACK BOX ® Advanced Console Server
Service-name The name of the service associated with this entry. Frequently the ser-
vice name is the conventional name of the given application. For exam-
ple, ftpd, rlogind, su, etc. There is a special service-name, reserved
for defining a default authentication mechanism. It has the name
OTHER and may be specified in either lower or upper case characters.
Note, when there is a module specified for a named service, the
OTHER entries are ignored.
Module-type One of (currently) the four types of module. The four types are as
follows:
Auth- This module type provides two aspects of authenticating the user.
First, it establishes that the user is who they claim to be, by instructing
the application to prompt the user for a password or other means of
identification. Second, the module can grant group membership,
independently of the /etc/groups, or other privileges through its
credential-granting properties.
Account- This module performs non-authentication-based account
management. It is typically used to restrict or permit access to a service
based on the time of day, currently available system resources
(maximum number of users) or perhaps the location of the applicant
user—‘root login only on the console.
Session- Primarily, this module is associated with doing things that need
to be done for the user before or after they can be given service. Such
things include the logging of information concerning the opening or
closing of some data exchange with a user, mounting directories, etc.
Password- This last module type is required for updating the
authentication token associated with the user. Typically, there is one
module for each challenge/response based authentication (auth)
module-type.