Home Man
Search
Today's Posts
Register

Linux & Unix Commands - Search Man Pages

OpenSolaris 2009.06 - man page for pam_smbfs_login (opensolaris section 5)

pam_smbfs_login(5)	       Standards, Environments, and Macros	       pam_smbfs_login(5)

NAME
       pam_smbfs_login - PAM user credential authentication module for SMB/CIFS client login

SYNOPSIS
       pam_smb_cred.so.1

DESCRIPTION
       The  pam_smbfs_login module  implements pam_sm_setcred(3PAM) to provide functions that act
       equivalently to the smbutil(1) login command.

       This optional functionality is meant  to be used only in environments  that   do  not  run
       Active  Directory or Kerberos, but which synchronize passwords between Solaris clients and
       their CIFS/SMB servers.

       This module permits the login password to be stored as if the smbutil(1) login command was
       used to store a password for PAM_USER in the user or system default  domain. The choice of
       default domain is the first of the following:
	 -Domain entry specified in the  default  section of the $HOME/.nsmbrc file, if readable.
	 -Domain entry specified in the default section shown by the sharectl get smbfs command.
	 -String WORKGROUP.

       Because pam_smbfs_login runs as root  during  the  login  process,  a  $HOME/.nsmbrc  file
       accessed  through  NFS may only be readable if the file permits reads by others. This con-
       flicts with the requirement that passwords stored in $HOME/.nsmbrc are ignored  when  per-
       missions are open.

       To use this functionality,  add the following line to the /etc/pam.conf file:

	 login	auth optional	 pam_smbfs_login.so.1

       Authentication	service   modules   must  implement  both  pam_sm_authenticate(3PAM)  and
       pam_sm_setcred(3PAM). In this module, pam_sm_authenticate(3PAM) always returns PAM_IGNORE.

       The pam_sm_setcred(3PAM) function accepts the following flags:

       PAM_REFRESH_CRED

	   Returns PAM_IGNORE.

       PAM_SILENT

	   Suppresses messages.

       PAM_ESTABLISH_CRED
       PAM_REINITIALIZE_CRED

	   Stores the authentication token for PAM_USER in the	same  manner  as  the  smbutil(1)
	   login command.

       PAM_DELETE_CRED

	   Deletes  the  stored password for PAM_USER in the same manner as the smbutil(1) logout
	   command.

       The following options can be passed to the pam_smbfs_login module:

       debug

	   Produces syslog(3C) debugging information at the LOG_AUTH or LOG_DEBUG level.

       nowarn

	   Suppresses warning messages.

FILES
       $HOME/.nsmbrc		   Find default domain, if present.

ERRORS
       Upon successful completion of pam_sm_setcred(3PAM), PAM_SUCCESS is  returned. The  follow-
       ing  error codes are returned upon error:

       PAM_USER_UNKNOWN

	   User is unknown.

       PAM_AUTHTOK_ERR

	   Password is bad.

       PAM_AUTH_ERR

	   Domain is bad.

       PAM_SYSTEM_ERR

	   System error.

ATTRIBUTES
       See attributes(5) for descriptions of the following attribute:

       +-----------------------------+-----------------------------+
       |       ATTRIBUTE TYPE	     |	     ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     | Committed		   |
       +-----------------------------+-----------------------------+
       |MT Level		     | MT-Safe with exceptions	   |
       +-----------------------------+-----------------------------+

SEE ALSO
       smbutil(1),   syslog(3C),   libpam(3LIB),   pam(3PAM),	pam_setcred(3PAM),  pam_sm(3PAM),
       pam_sm_authenticate(3PAM),  pam_sm_chauthtok(3PAM),   pam_sm_setcred(3PAM),   pam.conf(4),
       attributes(5), smbfs(7FS)

NOTES
       The  interfaces in libpam(3LIB) are MT-Safe only  if each thread within the multi-threaded
       application uses its own PAM handle.

SunOS 5.11				   25 Sep 2008			       pam_smbfs_login(5)


All times are GMT -4. The time now is 05:10 AM.

Unix & Linux Forums Content Copyrightę1993-2018. All Rights Reserved.
UNIX.COM Login
Username:
Password:  
Show Password