Use PAM to integrate to OpenStack keystone
Switch branches/tags
Nothing to show
Clone or download
Pull request Compare This branch is 2 commits ahead of donbowman:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.


This module allows authenticating against keystone as a pam module. E.g. to allow nginx or other system services to use keystone users.

It does not create an NSS module, so its for auth only.

To use, copy to /lib/security, chmod 555 it. Then add a line like

auth sufficient

usually right before:

@include common-auth 

in a pam service. You may need to change the AUTH url in the lib (I didn't make it an argument).

Example config. Place in /etc/pam.d/keystone:

# PAM configuration for the Secure Shell service

auth sufficient

auth	requisite

account sufficient
session sufficient