 
 
 
 
pam_modules-2.htmlNext Previous
pam_modules.html#toc1Contents 1. Introduction 
1.1 Synopsis 
#include <security/pam_modules.h>
gcc -fPIC -c pam_module-name.c
ld -x --shared -o pam_module-name.so pam_module-name.o
1.2 Description 
Linux-PAM (Pluggable Authentication Modules for Linux) is a
library that enables the local system administrator to choose how
individual applications authenticate users.  For an overview of the
Linux-PAM library see the Linux-PAM System Administrators'
Guide.
A Linux-PAM module is a single executable binary file that can be
loaded by the 
Linux-PAM interface library. This PAM library is
configured locally with a system file, 
/etc/pam.conf, to
authenticate a user request via the locally available authentication
modules. The modules themselves will usually be located in the
directory 
/usr/lib/security and take the form of dynamically
loadable object files (see dlopen(3)). Alternatively, the modules can
be statically linked into the 
Linux-PAM library; this is mostly to
allow 
Linux-PAM to be used on platforms without dynamic linking
available, but the two forms can be used together.  It is the
Linux-PAM interface that is called by an application and it is
the responsibility of the library to locate, load and call the
appropriate functions in a 
Linux-PAM-module.
Except for the immediate purpose of interacting with the user
(entering a password etc..) the module should never call the
application directly. This exception requires a "conversation
mechanism" which is documented below.
pam_modules-2.htmlNext Previous
pam_modules.html#toc1Contents 