view mod_auth_pam/README.markdown @ 5596:d2561c1d26f5

mod_client_management: Allow revoking a specific client version Could be useful in case of a security issue affecting a particular version. Even if in that case, the more likely use case is revoking all older versions except the fixed one(s), this can be done with a loop or improved later.
author Kim Alvefur <zash@zash.se>
date Fri, 14 Jul 2023 15:16:06 +0200
parents d407397d05ca
children
line wrap: on
line source

---
labels:
- 'Stage-Alpha'
- 'Type-Auth'
summary: PAM authentication module
---

Introduction
============

This module makes Prosody authenticate users against PAM (Linux
Pluggable Authentication Modules)

Dependencies
============

The module depends on [lua-pam](https://github.com/devurandom/lua-pam)
and [LuaPosix](https://github.com/luaposix/luaposix).

Setup
=====

Create a `/etc/pam.d/xmpp` with something like this:

    auth    [success=1 default=ignore]  pam_unix.so obscure sha512 nodelay
    auth    requisite           pam_deny.so
    auth    required            pam_permit.so

And switch authentication provider in the Prosody config:

    authentication = "pam"

Compatibility
=============

Compatible with 0.9 and up