Software library to manage authentication on Linux systems
Linux PAM
Stable release
1.5.3
/ May 8, 2023; 11 months ago (2023-05-08)
Repository
https://github.com/linux-pam/linux-pam
Written in
C
Operating system
Linux
Type
authentication
License
GNU General Public License or Modified BSD License
Website
www.linux-pam.org
Linux Pluggable Authentication Modules (PAM) is a suite of libraries that allow a Linux system administrator to configure methods to authenticate users. It provides a flexible and centralized way to switch authentication methods for secured applications by using configuration files instead of changing application code.[1] There are Linux PAM libraries allowing authentication using methods such as local passwords, LDAP, or fingerprint readers.[2] Linux PAM is evolved from the Unix Pluggable Authentication Modules architecture.[3]
Linux-PAM separates the tasks of authentication into four independent management groups:[4]
account modules check that the specified account is a valid authentication target under current conditions. This may include conditions like account expiration, time of day, and that the user has access to the requested service.
authentication modules verify the user's identity, for example by requesting and checking a password or other secret. They may also pass authentication information on to other systems like a keyring.
password modules are responsible for updating passwords, and are generally coupled to modules employed in the authentication step. They may also be used to enforce strong passwords.
session modules define actions that are performed at the beginning and end of sessions. A session starts after the user has successfully authenticated.
^"Chapter 1. Introduction". An Internet Archive page of Linux PAM site. Archived from the original on 2021-05-06. Retrieved 2023-11-11.
^Lauber, Susan (2020-07-22). "An introduction to Pluggable Authentication Modules (PAM) in Linux". Red Hat. Retrieved 2021-02-28.
^Fernandes, Savio; Reddy, KLM. "Securing Applications on Linux with PAM | Linux Journal". Linux Journal. Retrieved 2018-09-30.
^"pam.d(8): Pluggable Authentication Modules for - Linux man page". linux.die.net. Retrieved 2021-02-28.
Linux Pluggable Authentication Modules (PAM) is a suite of libraries that allow a Linux system administrator to configure methods to authenticate users...
stand-alone open-source infrastructure, PAM first appeared in Red Hat Linux 3.0.4 in August 1996 in the LinuxPAM project. PAM is currently supported in the AIX...
for Linux is a series of patches to the Linux kernel that adds Rust as a second programming language to C for writing kernel components. The Linux kernel...
with Snow Leopard), and offered as an alternative to LinuxPAM in certain Linux distributions. OpenPAM was developed for the FreeBSD Project by Dag-Erling...
Look up pam in Wiktionary, the free dictionary. Pam or PAM may refer to: Pam, Iran, a village in Markazi Province Piedmont Atlantic Megaregion (PAM), United...
management / access management (PIM/PAM), privileged remote access, and vulnerability management products for UNIX, Linux, Windows and macOS operating systems...
Red Hat Linux was a widely used commercial open-source Linux distribution created by Red Hat until its discontinuation in 2004. Early releases of Red Hat...
Slackware is a Linux distribution created by Patrick Volkerding in 1993. Originally based on Softlanding Linux System (SLS), Slackware has been the basis...
reboot (respectively). These files are not set by any given PAM module (such as pam_unix.so or pam_sss.so) but are set by the application performing the operation...
Martin Maurer, two Linux developers, found out OpenVZ had no backup tool and no management GUI. KVM was appearing at the same time in Linux, and was added...
into several operating systems, namely Microsoft Windows, macOS and most Linux operating systems, while the portable version is available as a package...
Security Services Daemon (SSSD) is software originally developed for the Linux operating system (OS) that provides a set of daemons to manage access to...
version of XnView, called XnView MP, is available for Windows, macOS and Linux. XnView has received five cows from Tucows. In 2006 Sveriges Television...
Alto Networks PAN-OS, a proprietary implementation Pam_tacplus, a TACACS+ protocol client library and PAM module Augur Systems TACACS+, a free open-source...
used over slow connections such as dial-up modems. Originally targeting Linux-based operating systems, the core compression technology, designed by Gian...
would limit the affected user to a maximum of thirty owned processes. On PAM-enabled systems, this limit can also be set in /etc/security/limits.conf...
of system components for Linux operating systems. The main aim is to unify service configuration and behavior across Linux distributions. Its primary...
LACP—Link Aggregation Control Protocol LAMP—Linux Apache MySQL Perl LAMP—Linux Apache MySQL PHP LAMP—Linux Apache MySQL Python LAN—Local Area Network LBA—Logical...
on most modern operating systems, including macOS, most distributions of Linux, OpenBSD, FreeBSD, NetBSD, Solaris and OpenVMS. Notably, versions of Windows...
Privileged Access Management (PAM) is a type of identity management and branch of cybersecurity that focuses on the control, monitoring, and protection...
Db2 common product, designed with a mostly common code base for L-U-W (Linux-Unix-Windows); DB2 for System z and DB2 for IBM i are different. As a result...
- Linux.com". Linux.com - The source for Linux Information. Archived from the original on 2016-03-16. Retrieved 2015-05-03. New features in Linux Mint...
sysadmin. On many Linux distributions, the chsh command is a PAM-aware application. As such, its behaviour can be tailored, using PAM configuration options...
kernel, device drivers, userland utilities, and documentation, as opposed to Linux only delivering a kernel and drivers, and relying on third-parties like...
OpenVPN source code there are some examples of such plug-ins, including a PAM authentication plug-in. Several third-party plug-ins also exist to authenticate...
stored procedures. It is supported on all major operating systems, including Linux, FreeBSD, OpenBSD, macOS, and Windows, and handles a range of workloads...
the permissions to do so. Usermin is written in Perl 5 using the Authen::PAM Perl module and deployed on port 20000 by default. Any changes by the system...
world-readable passwd file. For local files, this is usually /etc/shadow on Linux and Unix systems, or /etc/master.passwd on BSD systems; each is readable...