NAME
pam_afslog —
AFS credentials PAM
module
SYNOPSIS
[
service-name]
module-type control-flag
pam_afslog
[
arguments]
DESCRIPTION
The
pam_afslog authentication service module for PAM provides
functionality for only one PAM category: authentication
(
module-type of
“
auth
”).
The
pam_sm_authenticate() function does nothing and thus the
module should be used with an
control-flag of
“
optional
”.
The value of the module comes from its
pam_sm_setcred()
function. If the
afslog parameter is enabled in
krb5.conf(5), then the module
will take Kerberos 5 credentials from the cache created by
pam_krb5(8) and convert them
into AFS tokens, after first creating a PAG (Process Authentication Group) if
necessary.
SEE ALSO
kafs(3),
pam.conf(5),
pam(8),
pam_krb5(8)
HISTORY
The
pam_afslog module was developed for
NetBSD by
Tyler C. Sarna. The
pam_afslog module appeared in
NetBSD
4.0.