salt.auth.pam

Authenticate against PAM

Provides an authenticate function that will allow the caller to authenticate a user against the Pluggable Authentication Modules (PAM) on the system.

Implemented using ctypes, so no compilation is necessary.

Note

PAM authentication will not work for the root user.

The Python interface to PAM does not support authenticating as root.

class salt.auth.pam.PamConv

Wrapper class for pam_conv structure

appdata_ptr

Structure/Union member

conv

Structure/Union member

class salt.auth.pam.PamHandle

Wrapper class for pam_handle_t

handle

Structure/Union member

class salt.auth.pam.PamMessage

Wrapper class for pam_message structure

msg

Structure/Union member

msg_style

Structure/Union member

class salt.auth.pam.PamResponse

Wrapper class for pam_response structure

resp

Structure/Union member

resp_retcode

Structure/Union member

salt.auth.pam.auth(username, password, **kwargs)

Authenticate via pam

salt.auth.pam.authenticate(username, password, service='login')

Returns True if the given username and password authenticate for the given service. Returns False otherwise

username: the username to authenticate

password: the password in plain text

service: the PAM service to authenticate against.
Defaults to 'login'
salt.auth.pam.groups(username, *args, **kwargs)

Retrieve groups for a given user for this auth provider

Uses system groups