Pam-Mysql free download, Pam-Mysql download on software download

	Pam-Mysql Pam-Mysql is a PAM module that allows authentication through a Mysql database.
Download

Pam-Mysql Ranking & Summary

Rating:

License:
LGPL

Price:
FREE

Publisher Name:
James O'Kane

Publisher web site:

Pam-Mysql Tags

PAM MySQL authentication

Pam-Mysql

Pam-Mysql Description

Pam-Mysql is a PAM module that allows authentication through a Mysql database. Pam-Mysql is a PAM module that allows authentication through a Mysql database.Requirements:· A *NIX (or similar) system, in which PAM facility is set up and working either system-wide or in a chroot jail.· A MySQL server, up and running.Available options:The module options are listed below with default in ()s:verbose (0) If set to 1, produces logs with detailed messages that describes what PAM-MySQL is doing. May be useful for debugging.debug An alias for the verbose option. This is added in 0.7pre2.user The user name used to open the specified MySQL database.passwd The password used to open the specified MySQL database.host The host name or the absolute path to the unix socket where the MySQL server is listening. The following formats are accepted: 1. absolute path to the unix socket (e.g. "/tmp/mysql.sock") 2. host name (e.g. "somewhere.example.com") 3. host name + port number (e.g. "somewhere.example.com:3306")db The name of the database that contains a user-password table.table The name of table that maps unique login names to the passwords. This can be a combination of tables with full JOIN syntax if you need more control. For example: update_table The name of the table used for password alteration. If not defined, the value of the "table" option will be used instead. This is handy if you have a complex JOIN instead of a simple table in the "table" option above.usercolumn The name of the column that contains a unix login name. Should be in a fully qualified form.passwdcolumn The name of the column that contains a (encrypted) password string. Should be in a fully qualified form.statcolumn The name of the column or an SQL expression that indicates the status of the user. The status is expressed by the combination of two bitfields shown below: bit 0 (0x01): if flagged, pam_mysql deems the account to be expired and returns PAM_ACCT_EXPIRED. That is, the account is supposed to no longer be available. Note this doesn't mean that pam_mysql rejects further authentication operations. bit 1 (0x02): if flagged, pam_mysql deems the authentication token (password) to be expired and returns PAM_NEW_AUTHTOK_REQD. This ends up requiring that the user enter a new password. This option is available since 0.6.crypt (plain) The method to encrypt the user's password: 0 (or "plain") = No encryption. Passwords stored in plaintext. HIGHLY DISCOURAGED. 1 (or "Y") = Use crypt(3) function. 2 (or "mysql") = Use MySQL PASSWORD() function. It is possible that the encryption function used by PAM-MySQL is different from that of the MySQL server, as PAM-MySQL uses the function defined in MySQL's C-client API instead of using PASSWORD() SQL function in the query. 3 (or "md5") = Use plain hex MD5. 4 (or "sha1") = Use plain hex SHA1.md5 (false) Use MD5 by default for crypt(3) hash. Only meaningful when crypt is set to "Y".use_323_passwd (false) Use MySQL version 3 style encryption function if available and the crypt option is set to "mysql". This is useful if you have a table migrated from the old MySQL database and it stores the old-style passwords. This option appeared since 0.7pre2 and 0.6.1.where Additional criteria for the query. For example: sqllog (false) If set to either "true" or "yes", SQL logging is enabled.logtable The name of the table to which logs are written.logmsgcolumn The name of the column in the log table to which the description of the performed operation is stored.logusercolumn The name of the column in the log table to which the name of the user being authenticated is stored.logpidcolumn The name of the column in the log table to which the pid of the process utilising the pam_mysql's authentication service is stored.loghostcolumn The name of the column in the log table to which the IP address of the machine performing the operation is stored.logrhostcolumn The name of the column in the log table to which the name of the remote host that initiates the session is stored. The value is supposed to be set by the PAM-aware application with pam_set_item(PAM_RHOST). Available since 0.7pre3.logtimecolumn The name of the column in the log table to which the timestamp of the log entry is stored.config_file Path to a NSS-MySQL style configuration file which enumerates the options per line. Acceptable option names and the counterparts in the PAM-MySQL are listed below: - users.host (host) - users.database (db) - users.db_user (user) - users.db_passwd (passwd) - users.where_clause (host) - users.table (table) - users.update_table (update_table) - users.user_column (usercolumn) - users.password_column (passwdcolumn) - users.status_column (statcolumn) - users.password_crypt (crypt) - users.use_323_password (use_323_passwd) - users.use_md5 (md5) - users.where_clause (where) - users.disconnect_every_operation (disconnect_every_op) *1 - verbose (verbose) - log.enabled (sqllog) - log.table (logtable) - log.message_column (logmsgcolumn) - log.pid_column (logpidcolumn) - log.user_column (logusercolumn) - log.host_column (loghostcolumn) - log.rhost_column (logrhostcolumn) *2 - log.time_column (logtimecolumn) A "#" in front of the line makes it a comment as in NSS-MySQL. This is available since 0.7pre1. (*1: added in 0.7RC1) (*2: added in 0.7pre3)use_first_pass (false) If true, pam_mysql doesn't prompt a password and uses the one provided given in a preceeding authentication module. If it is not given, authentication fails. This is available since 0.7pre2.try_first_pass (true) If true, pam_mysql first tries to authenticate with the password given in a preceeding authentication module. If it fails (because of either unavailableness of a password or simple authentication failure), then pam_mysql prompts a password for the following authentication. The semantics actually breaks the backwards compatibility, because authentication is not performed twice in the previous versions when the password given by the previous authentication module is wrong. This is available since 0.7pre2.disconnect_every_op (false) By default, pam_mysql keeps connection to the MySQL database until the session is closed. If this option is set to true it disconnects every time the PAM operation has finished. This option may be useful in case the session lasts quite long.What's New in This Release:· Add a option "disconnect_every_op" option that forces pam_mysql to disconnect from the database every operation (PR #1325395).· Use geteuid() instead of getuid() to check if the current user is authorized to change the password (PR #1338667).· Allow root (uid=0) to change the passwords of other users without their old password (PR #1338672)

Pam-Mysql Related Software