Mercurial > prosody-modules

view mod_auth_pam/README.markdown @ 5694:8afa0fb8a73e

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_client_management: Report on longest lived token when grant does not expire E.g. for mod_http_oauth2 where by default the grant itself is unlimited, while refresh tokens are issued with one week lifetime, but are renewed with each use.
author Kim Alvefur <zash@zash.se>
date Fri, 10 Nov 2023 00:26:17 +0100
parents d407397d05ca
children
line wrap: on
line source

---
labels:
- 'Stage-Alpha'
- 'Type-Auth'
summary: PAM authentication module
---

Introduction
============

This module makes Prosody authenticate users against PAM (Linux
Pluggable Authentication Modules)

Dependencies
============

The module depends on [lua-pam](https://github.com/devurandom/lua-pam)
and [LuaPosix](https://github.com/luaposix/luaposix).

Setup
=====

Create a `/etc/pam.d/xmpp` with something like this:

    auth    [success=1 default=ignore]  pam_unix.so obscure sha512 nodelay
    auth    requisite           pam_deny.so
    auth    required            pam_permit.so

And switch authentication provider in the Prosody config:

    authentication = "pam"

Compatibility
=============

Compatible with 0.9 and up