Use PAM to integrate to OpenStack keystone
Switch branches/tags
Nothing to show
Clone or download
Pull request Compare This branch is 2 commits ahead of donbowman:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
README.md
keystone-auth.py

README.md

pam-keystone

This module allows authenticating against keystone as a pam module. E.g. to allow nginx or other system services to use keystone users.

It does not create an NSS module, so its for auth only.

To use, copy keystone-auth.py to /lib/security, chmod 555 it. Then add a line like

auth sufficient pam_python.so keystone-auth.py

usually right before:

@include common-auth 

in a pam service. You may need to change the AUTH url in the lib (I didn't make it an argument).

Example config. Place in /etc/pam.d/keystone:

# PAM configuration for the Secure Shell service

auth sufficient pam_python.so keystone-auth.py

auth	requisite			pam_deny.so

account sufficient pam_permit.so
session sufficient pam_permit.so