summaryrefslogtreecommitdiff
path: root/debian/pam_example
diff options
context:
space:
mode:
authorDave Olson <olson@cumulusnetworks.com>2017-06-16 15:49:56 -0700
committerDave Olson <olson@cumulusnetworks.com>2017-06-16 16:18:07 -0700
commit3a47df99b207d85469d0a3126aacf491ba61c1d4 (patch)
treeb32ecb55edf4e2712bb3f0877a875b4477acbb4b /debian/pam_example
parenta11bbaeb6b0635dd852fb511a28f67da80327fef (diff)
downloadlibpam-radius-auth-3a47df99b207d85469d0a3126aacf491ba61c1d4.tar.gz
libpam-radius-auth-3a47df99b207d85469d0a3126aacf491ba61c1d4.zip
Added debian directory from jessie 1.3.16, with changelog updates
Cleaned up to use simpler rules file as part of that import. Also newer compat level, etc.
Diffstat (limited to 'debian/pam_example')
-rw-r--r--debian/pam_example64
1 files changed, 64 insertions, 0 deletions
diff --git a/debian/pam_example b/debian/pam_example
new file mode 100644
index 0000000..1ab27e8
--- /dev/null
+++ b/debian/pam_example
@@ -0,0 +1,64 @@
+This is a simple and safe example on how to enable radius
+authentication to the console login on a Debian system and
+you are too lazy to read the USAGE documentation.
+
+Edit /etc/pam.d/login
+
+The default looks like:
+
+[SNIP]
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# This module parses /etc/environment (the standard for setting
+# environ vars) and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# (Replaces the `ENVIRON_FILE' setting from login.defs)
+auth required pam_env.so
+
+# Standard Un*x authentication. The "nullok" line allows passwordless
+# accounts.
+@include common-auth
+
+[SNIP]
+
+
+Insert the following line:
+
+auth sufficient pam_radius_auth.so
+
+AFTER
+
+auth required pam_env.so
+
+and BEFORE
+
+# Standard Un*x authentication. The "nullok" line allows passwordless
+# accounts.
+@include common-auth
+
+so that it will looks like:
+
+[SNIP]
+
+# This module parses /etc/environment (the standard for setting
+# environ vars) and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# (Replaces the `ENVIRON_FILE' setting from login.defs)
+auth required pam_env.so
+
+##### RADIUS #####
+auth sufficient pam_radius_auth.so
+
+# Standard Un*x authentication. The "nullok" line allows passwordless
+# accounts.
+@include common-auth
+
+[SNIP]
+
+Try now to login in one of the consoles using the radius password.
+If it fails the system will prompt again for a password. This time
+provide the local one.
+