salt.auth.pam

Authenticate against PAM

Provides an authenticate function that will allow the caller to authenticate a user against the Pluggable Authentication Modules (PAM) on the system.

Implemented using ctypes, so no compilation is necessary.

There is one extra configuration option for pam. The pam_service that is authenticated against. This defaults to login

auth.pam.service: login

Note

PAM authentication will not work for the root user.

The Python interface to PAM does not support authenticating as root.

Note

Using PAM groups with SSSD groups on python2.

To use sssd with the PAM eauth module and groups the pysss module is needed. On RedHat/CentOS this is python-sss.

This should not be needed with python >= 3.3, because the os modules has the getgrouplist function.

class salt.auth.pam.PamConv

Wrapper class for pam_conv structure

class salt.auth.pam.PamHandle

Wrapper class for pam_handle_t

class salt.auth.pam.PamMessage

Wrapper class for pam_message structure

class salt.auth.pam.PamResponse

Wrapper class for pam_response structure

salt.auth.pam.auth(username, password, **kwargs)

Authenticate via pam

salt.auth.pam.authenticate(username, password)

Returns True if the given username and password authenticate for the given service. Returns False otherwise

username: the username to authenticate

password: the password in plain text

salt.auth.pam.groups(username, *args, **kwargs)

Retrieve groups for a given user for this auth provider

Uses system groups

Generated on April 03, 2018 at 06:37:10 MDT.

You are viewing docs for the previous stable release, 2016.11.9. Switch to docs for the latest stable release, 2017.7.4, or to a recent doc build from the develop branch.


saltstack.com

© 2018 SaltStack. All Rights Reserved, SaltStack Inc. | Privacy Policy