pam_saslauthd
Checks and sets passwords using libsasl2. You should be able to use this instead of pam_unix for primary authentication. NOT heavily tested and therefore NOT recommended for actual deployments. Probably also has some bugs in the password changing functions.
RECOGNIZED ARGUMENTS
- realm=REALM
- use REALM for the given realm instead of the default
- service=SERVICE
- use the given service instead of the PAM service's name
- use_first_pass
- use the AUTHTOK on the stack (auth only)
- try_first_pass
- use the AUTHTOK on the stack if it exists, otherwise prompt the user (auth only, this is the default)
- use_authtok
- use the AUTHTOK on the stack instead of prompting the user for the current or new password (password only)
MODULE SERVICES PROVIDED
- auth
- check a password against the secrets in a sasldb
- password
- sets secrets in a sasldb
CAVEATS
Do not allow this module to call saslauthd if saslauthd is configured to use PAM unless you override the service name. If you do, you will cause a bad recursion.
FILES
- /usr/lib/sasl2/SERVICE.conf
- The configuration file which libsasl2 will consult to determine how the user's password should be verified.