Installing and Administering Internet Services
410 Chapter10
Using rdist
Setting Up remsh
Service_name module_type control_flag module_path options.
Here are a few examples of entries you may find in a PAM configuration
file:
dtlogin auth required /usr/lib/security/libpam_unix.1
debug
dtlogin account required /usr/lib/security/libpam_unix.1
OTHER auth optional /usr/lib/security/libpam_unix.1
The service_name refers to the service. In the examples above, dtlogin
and the keyword, OTHER, indicates the module all other applications
that have not been specified should use.
The module_type indicates the service module type.The possible module
types include:
• authentication (auth)
• account management (account)
• session management (session)
• password management (passwd)
The control_flag field determines the behavior of stacking. See the
pam.conf man page for a complete discussion of stacking.
The module_path field specifies the pathname to a shared library object
that implements the service functionality.
The options field is used by the PAM framework layer to pass module
specific options to the modules. The module parses and interprets the
options. The modules can use this field to turn on debugging or to pass
any module specific parameters such as a TIMEOUT value. It can also
be used to support unified login.
Enabling Standard UNIX Authentication on rexecd and remshd
Services
To use the rexecand remsh services enabled with PAM, add thefollowing
lines to the /etc/pam.conf file:
rcomds auth required /usr/lib/security/libpam_unix.1
rcomds account required /usr/lib/security/libpam_unix.1
The remshd and rexecd services will use the above entries as
configuration information for authenticating users. Adding the lines
above tells rexec and remsh to use the UNIX authentication mechanism