Pluggable Authentication Modules: The Definitive Guide to PAM for Linux SysAdmins and C Developers

By: Kenneth Geisshirt

Overview of this book

PAM-aware applications reduce the complexity of authentication. With PAM you can use the same user database for every login process. PAM also supports different authentication processes as required. Moreover, PAM is a well-defined API, and PAM-aware applications will not break if you change the underlying authentication configuration.

The PAM framework is widely used by most Linux distributions for authentication purposes. Originating from Solaris 2.6 ten years ago, PAM is used today by most proprietary and free UNIX operating systems including GNU/Linux, FreeBSD, and Solaris, following both the design concept and the practical details. PAM is thus a unifying technology for authentication mechanisms in UNIX.

PAM is a modular and flexible authentication management layer that sits between Linux applications and the native underlying authentication system. PAM can be implemented with various applications without having to recompile the applications to specifically support PAM.

Installing Linux-PAM


In general, the Linux distributions, the BSD family, and Solaris come with a PAM implementation bundled with the operating system as part of the operating environment. In these cases, PAM is installed when you install the operating system. Slackware is one of the last PAM-free Linux distributions, and in UNIX operating systems like AIX, PAM is an add-on product.

In this section, the installation of Linux PAM on Slackware 11 is explained. Installing PAM can be dangerous since you can leave your computer in a state where you cannot log in and correct mistakes.

Downloading

Linux PAM can be downloaded from its website hosted by kernel.org. Currently the 0.99.6.3 version of Linux PAM is used. The following commands download and unpack Linux PAM:

  # wget http://www.kernel.org/pub/linux/libs/pam/pre/library/Linux-PAM-0.99.6.3.tar.gz
  # tar xzf Linux-PAM-0.99.6.3.tar.gz

The source code is now located in a directory called Linux-PAM-0.99.6.3. But if you are going to use PAM, you will need to have PAM-aware applications. The Linux utility (the name of the package is linux-utils) contains a set of applications that are used for letting users log in. Downloading and unpacking this package is done by the following two commands:

  # wget http://www.kernel.org/pub/linux/utils/util-linux/util-linux-2.12r.tar.gz
  # tar xzf util-linux-2.12r.tar.gz

Both source code archives are 1-2 MB in size.

Compiling

After you have downloaded and unpacked the files, you are ready to compile the source code.

Compiling Linux PAM is straightforward. The following sequence of commands will compile and install Linux PAM:

  # cd Linux-PAM-0.99.6.3
  # ./configure
  # make
  # make install
  # cp conf/pam.conf /etc

The last command will copy a simple configuration file. Chapter 2 will explain in detail how this configuration file is written.

Turning to the linux-utils package, the compilation requires a bit more work. The source code is unpacked in the directory util-linux-2.12r. In this directory, you have to edit a file named MCONFIG. The file is a long series of configuration options for the utilities. The important option is called HAVE_PAM. In order to have the Linux utilities use PAM, set this option to YES. The line in the MCONFIG file should read:

HAVE_PAM=yes

Compilation is now done by the following commands:

  # make
  # cd login-utils
  # make login
  # cp login /usr/bin

The login program is used to validate the user at the console as he or she tries to log in. The last command above replaces the original version with a PAM-aware version. The next login will be authenticated by PAM. Slackware stores log messages for authentication in the file /var/log/secure, so it is possible to check whether PAM is being used by reading this file.

The last few lines of /var/log/secure should be:

Dec 10 17:27:10 pamela login: pam_unix(login:session) session opened for user root by LOGIN(uid=0)
Dec 10 17:27:10 pamela login: ROOT LOGIN ON tty1
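
The following shell functions are an added example, not code from the book: they wrap the cp login /usr/bin step with a backup and a libpam check, then read the log for PAM session lines. The function names, the .pre-pam suffix, and the third sample log line are assumptions made for the example.

```sh
#!/bin/sh
# Added example (not from the book): guarded form of "cp login /usr/bin"
# followed by the /var/log/secure check. File locations are arguments.

# Copy NEW over DEST only if NEW references libpam; keep the old DEST as
# DEST.pre-pam so it can be restored from a root shell that is still open.
install_pam_login() {
    new=$1; dest=$2
    # Heuristic: a dynamically linked program names its libraries in plain
    # text, so no "libpam.so" suggests HAVE_PAM=yes was not picked up.
    grep -a -q 'libpam\.so' "$new" || { echo "$new: no libpam reference" >&2; return 1; }
    if [ -e "$dest" ] && [ ! -e "$dest.pre-pam" ]; then
        cp -p "$dest" "$dest.pre-pam" || return 1
    fi
    cp "$new" "$dest"
}

# Print the user of every session a pam_* module opened for SERVICE.
# The colon after ")" is optional: the book's sample omits it.
pam_sessions() {
    log=$1; service=$2
    sed -n "s/.* pam_[a-z0-9_]*($service:session):\{0,1\} session opened for user \([^ ]*\).*/\1/p" "$log"
}

# Succeed only if the log shows at least one PAM session for SERVICE.
pam_in_use() {
    [ -n "$(pam_sessions "$1" "$2")" ]
}

# Constructed sample log: first two lines as in the text, third invented.
write_sample_log() {
    cat > "$1" <<'EOF'
Dec 10 17:27:10 pamela login: pam_unix(login:session) session opened for user root by LOGIN(uid=0)
Dec 10 17:27:10 pamela login: ROOT LOGIN ON tty1
Dec 10 17:31:42 pamela su: pam_unix(su:session): session opened for user kenneth by root(uid=0)
EOF
}

# Demo on scratch files; on a real system the arguments would be
# ./login /usr/bin/login and /var/log/secure.
demo() {
    d=$(mktemp -d) || return 1
    write_sample_log "$d/secure"
    pam_in_use "$d/secure" login && echo "login sessions opened by PAM for: $(pam_sessions "$d/secure" login)"
    rm -rf "$d"
}
demo
```

Keeping a second root session open while testing the first PAM login leaves a way to copy the .pre-pam file back if authentication fails.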

Extra Modules

Linux PAM is distributed with a large set of modules but you might be in the situation where you wish to use a third-party module. In Chapter 2, an example is presented. This example uses a PAM module called pam_mount. This module is not distributed with Linux PAM or any other PAM implementation.

The module is downloaded from its website (http://pam-mount.sourceforge.net). Once the module is downloaded, it is compiled and installed by the following commands:

  # tar xjf pam_mount-0.18.tar.bz2
  # cd pam_mount-0.18
  # ./configure
  # make
  # make install

Fortunately, most modules can be compiled in a similar way using the following commands:

  # ./configure
  # make
  # make install