Qual é a diferença entre pam_unix e pam_systemd?

2

Como eu sei, existem muitos módulos de pam

#ll /usr/lib64/security/ | grep pam | wc -l
57

#ll /usr/lib64/security/ | grep pam_unix.so
lrwxrwxrwx 1 root root     11 Apr 14 23:40 pam_unix_acct.so -> pam_unix.so
lrwxrwxrwx 1 root root     11 Apr 14 23:40 pam_unix_auth.so -> pam_unix.so
lrwxrwxrwx 1 root root     11 Apr 14 23:40 pam_unix_passwd.so -> pam_unix.so
lrwxrwxrwx 1 root root     11 Apr 14 23:40 pam_unix_session.so -> pam_unix.so
-rwxr-xr-x 1 root root  57688 Dec 13  2015 pam_unix.so

#ll /usr/lib64/security/ | grep pam_systemd.so
-rwxr-xr-x 1 root root 267840 Sep 18  2016 pam_systemd.so

mas qual é a diferença entre pam_unix e pam_systemd ?

Por exemplo: crond

quando eu mascarar systemd-logind , eu acho que: processo crond ---- > pam_systemd ------ > systemd-logind, mas, o que faz o crond decidir chamar pam_systemd mas não pam_unix ? que diferença entre pam_unix e pam_systemd ?

crond[48269]: pam_systemd(crond:session): Failed to create session: Unit systemd-logind.service is masked.
    
por 穆阿浩 21.06.2017 / 10:55

1 resposta

3

PAM significa o Módulo de Autenticação Pluggable e é baseado em RFC 86.0 .

pam_unix e pam_systemd são dois módulos diferentes com funções diferentes. De acordo com as respectivas páginas do manual:

pam_unix [is the m]odule for traditional password authentication

[...]

This is the standard Unix authentication module. It uses standard calls from the system's libraries to retrieve and set account information as well as authentication. Usually this is obtained from the /etc/passwd and the /etc/shadow file as well if shadow is enabled.

e

pam_systemd [r]egister[s] user sessions in the systemd login manager

[...]

pam_systemd registers user sessions with the systemd login manager systemd-logind.service(8), and hence the systemd control group hierarchy.

    
por 04.07.2017 / 14:53

Tags