Difference between revisions of "Handbook:Advanced Server Configuration:PAM Authentication"
(New PAM authentication section) |
|||
Line 19: | Line 19: | ||
@include common-session | @include common-session | ||
− | Once PAM has been configured, all connections to hfaxd will require a valid local user and password. Localhost connections are not | + | Once PAM has been configured, all connections to hfaxd will require a valid local user and password. Localhost connections are not exempted from this and HylaFAX utils (sendfax, faxstat, ...) run on the local machine will also require the password of the current user. |
Revision as of 20:26, 2 June 2006
HylaFAX has supported PAM authentication since version 4.2.0. To use PAM authentication, HylaFAX must have been compiled with PAM support. PAM support is automaticaly turned on by configure if it can find the PAM libraries. If you are unsure if hfaxd supports PAM, you can run the following command:
ldd /usr/sbin/hfaxd
If a line similar to
libpam.so.0 => /lib/libpam.so.0 (0xb7f02000)
is in the library listing, PAM support has been compiled in. If not, you will have to recompile HylaFAX with PAM support.
The RedHat/Fedora HylaFAX packages distributed on HylaFAX.org are compiled with PAM support. All you need to do to use it is to create a file named /etc/pam.d/hylafax with settings for auth and account. A sample file looks like this:
#%PAM-1.0 auth required pam_stack.so service=system-auth account required pam_stack.so service=system-auth session required pam_stack.so service=system-auth
The HylaFAX package distributed by Debian is already compiled with PAM support. In order to use it with the default PAM configuration, the file /etc/pam.d/hylafax must be created with the following content:
@include common-auth @include common-account @include common-session
Once PAM has been configured, all connections to hfaxd will require a valid local user and password. Localhost connections are not exempted from this and HylaFAX utils (sendfax, faxstat, ...) run on the local machine will also require the password of the current user.