salt.auth.pam

Authenticate against PAM

Provides an authenticate function that will allow the caller to authenticate a user against the Pluggable Authentication Modules (PAM) on the system.

Implemented using ctypes, so no compilation is necessary.

There is one extra configuration option for pam. The pam_service that is authenticated against. This defaults to login

auth.pam.service: login

Note

PAM authentication will not work for the root user.

The Python interface to PAM does not support authenticating as root.

class salt.auth.pam.PamConv

Wrapper class for pam_conv structure

appdata_ptr

Structure/Union member

conv

Structure/Union member

class salt.auth.pam.PamHandle

Wrapper class for pam_handle_t

handle

Structure/Union member

class salt.auth.pam.PamMessage

Wrapper class for pam_message structure

msg

Structure/Union member

msg_style

Structure/Union member

class salt.auth.pam.PamResponse

Wrapper class for pam_response structure

resp

Structure/Union member

resp_retcode

Structure/Union member

salt.auth.pam.auth(username, password, **kwargs)

Authenticate via pam

salt.auth.pam.authenticate(username, password)

Returns True if the given username and password authenticate for the given service. Returns False otherwise

username: the username to authenticate

password: the password in plain text

salt.auth.pam.groups(username, *args, **kwargs)

Retrieve groups for a given user for this auth provider

Uses system groups