How to Add a PAM Module
This procedure shows how to add a new PAM module. New modules can be created to cover site-specific security policies or to support third party applications.
-
Become superuser or assume an equivalent role.
Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map).
-
Determine which control flags and which other options should be used.
Refer to How PAM Stacking Works for information on the control flags.
-
Ensure that the ownership and permissions are set so that the module file is owned by root and the permissions are 555.
-
Edit the PAM configuration file, /etc/pam.conf, and add this module to the appropriate services.
-
Verify that the module has been added properly.
You must test before the system is rebooted in case the configuration file is misconfigured. Login using a direct service, such as ssh, and run the su command, before you reboot the system. The service might be a daemon that is spawned only once when the system is booted. Then, you must reboot the system before you can verify that the module has been added.
- © 2010, Oracle Corporation and/or its affiliates