Mercurial > prosody-modules

view mod_auth_pam/README.markdown @ 4502:48afaec5d1de

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_rest: Allow empty @to to mean to=account is in normal XMPP Noticed an XXX in snikket-web-portal wrt needing to explicitly set @to in order to talk to 'self' services in Prosody, where to=nil is the same as to=account
author Kim Alvefur <zash@zash.se>
date Sun, 07 Mar 2021 21:02:18 +0100
parents d407397d05ca
children
line wrap: on
line source

---
labels:
- 'Stage-Alpha'
- 'Type-Auth'
summary: PAM authentication module
---

Introduction
============

This module makes Prosody authenticate users against PAM (Linux
Pluggable Authentication Modules)

Dependencies
============

The module depends on [lua-pam](https://github.com/devurandom/lua-pam)
and [LuaPosix](https://github.com/luaposix/luaposix).

Setup
=====

Create a `/etc/pam.d/xmpp` with something like this:

    auth    [success=1 default=ignore]  pam_unix.so obscure sha512 nodelay
    auth    requisite           pam_deny.so
    auth    required            pam_permit.so

And switch authentication provider in the Prosody config:

    authentication = "pam"

Compatibility
=============

Compatible with 0.9 and up