1c747c0c7SAndrzej Bialecki.\" Copyright (c) 1999 2c747c0c7SAndrzej Bialecki.\" Andrzej Bialecki <abial@FreeBSD.org>. All rights reserved. 3c747c0c7SAndrzej Bialecki.\" 4c747c0c7SAndrzej Bialecki.\" Copyright (c) 1992, 1993, 1994 5c747c0c7SAndrzej Bialecki.\" The Regents of the University of California. All rights reserved. 6c747c0c7SAndrzej Bialecki.\" All rights reserved. 7c747c0c7SAndrzej Bialecki.\" 8c747c0c7SAndrzej Bialecki.\" This code is derived from software donated to Berkeley by 9c747c0c7SAndrzej Bialecki.\" Jan-Simon Pendry. 10c747c0c7SAndrzej Bialecki.\" 11c747c0c7SAndrzej Bialecki.\" Redistribution and use in source and binary forms, with or without 12c747c0c7SAndrzej Bialecki.\" modification, are permitted provided that the following conditions 13c747c0c7SAndrzej Bialecki.\" are met: 14c747c0c7SAndrzej Bialecki.\" 1. Redistributions of source code must retain the above copyright 15c747c0c7SAndrzej Bialecki.\" notice, this list of conditions and the following disclaimer. 16c747c0c7SAndrzej Bialecki.\" 2. Redistributions in binary form must reproduce the above copyright 17c747c0c7SAndrzej Bialecki.\" notice, this list of conditions and the following disclaimer in the 18c747c0c7SAndrzej Bialecki.\" documentation and/or other materials provided with the distribution. 19c747c0c7SAndrzej Bialecki.\" 3. All advertising materials mentioning features or use of this software 20c747c0c7SAndrzej Bialecki.\" must display the following acknowledgement: 21c747c0c7SAndrzej Bialecki.\" This product includes software developed by the University of 22c747c0c7SAndrzej Bialecki.\" California, Berkeley and its contributors. 23c747c0c7SAndrzej Bialecki.\" 4. Neither the name of the University nor the names of its contributors 24c747c0c7SAndrzej Bialecki.\" may be used to endorse or promote products derived from this software 25c747c0c7SAndrzej Bialecki.\" without specific prior written permission. 26c747c0c7SAndrzej Bialecki.\" 27c747c0c7SAndrzej Bialecki.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 28c747c0c7SAndrzej Bialecki.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 29c747c0c7SAndrzej Bialecki.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 30c747c0c7SAndrzej Bialecki.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 31c747c0c7SAndrzej Bialecki.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32c747c0c7SAndrzej Bialecki.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33c747c0c7SAndrzej Bialecki.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34c747c0c7SAndrzej Bialecki.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 35c747c0c7SAndrzej Bialecki.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 36c747c0c7SAndrzej Bialecki.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 37c747c0c7SAndrzej Bialecki.\" SUCH DAMAGE. 38c747c0c7SAndrzej Bialecki.\" 397f3dea24SPeter Wemm.\" $FreeBSD$ 40c747c0c7SAndrzej Bialecki.\" 41c747c0c7SAndrzej Bialecki.Dd August 2, 1999 42c747c0c7SAndrzej Bialecki.Dt pam_radius 8 43c747c0c7SAndrzej Bialecki.Os FreeBSD 3.3 44c747c0c7SAndrzej Bialecki.Sh NAME 45c747c0c7SAndrzej Bialecki.Nm pam_radius 46c747c0c7SAndrzej Bialecki.Nd RADIUS authentication PAM module 47c747c0c7SAndrzej Bialecki.Sh SYNOPSIS 48c747c0c7SAndrzej Bialecki.Nm pam_radius.so 49c747c0c7SAndrzej Bialecki.Op Cm use_first_pass 50c747c0c7SAndrzej Bialecki.Op Cm try_first_pass 51c747c0c7SAndrzej Bialecki.Op Cm echo_pass 52c747c0c7SAndrzej Bialecki.Op Cm conf Ns No = Ns Ar pathname 53c747c0c7SAndrzej Bialecki.Op Cm template_user Ns No = Ns Ar username 54c747c0c7SAndrzej Bialecki.Sh DESCRIPTION 55c747c0c7SAndrzej BialeckiThe 56c747c0c7SAndrzej Bialecki.Nm 57c747c0c7SAndrzej Bialeckimodule provides authentication services based 58c747c0c7SAndrzej Bialeckiupon the RADIUS (Remote Authentication Dial In User Service) protocol 59c747c0c7SAndrzej Bialeckifor the PAM (Pluggable Authentication Module) framework. 60c747c0c7SAndrzej Bialecki.Pp 61c747c0c7SAndrzej BialeckiThe 62c747c0c7SAndrzej Bialecki.Nm 63c747c0c7SAndrzej Bialeckimodule accepts these optional parameters: 64c747c0c7SAndrzej Bialecki.Bl -tag -width Fl 65c747c0c7SAndrzej Bialecki.It Cm use_first_pass 66c747c0c7SAndrzej Bialeckicauses 67c747c0c7SAndrzej Bialecki.Nm 68c747c0c7SAndrzej Bialeckito use a previously entered password instead of prompting for a new one. 69c747c0c7SAndrzej BialeckiIf no password has been entered then authentication fails. 70c747c0c7SAndrzej Bialecki.It Cm try_first_pass 71c747c0c7SAndrzej Bialeckicauses 72c747c0c7SAndrzej Bialecki.Nm 73c747c0c7SAndrzej Bialeckito use a previously entered password, if one is available. If no 74c747c0c7SAndrzej Bialeckipassword has been entered, 75c747c0c7SAndrzej Bialecki.Nm 76c747c0c7SAndrzej Bialeckiprompts for one as usual. 77c747c0c7SAndrzej Bialecki.It Cm echo_pass 78c747c0c7SAndrzej Bialeckicauses echoing to be left on if 79c747c0c7SAndrzej Bialecki.Nm 80c747c0c7SAndrzej Bialeckiprompts for a password. 81c747c0c7SAndrzej Bialecki.It Cm conf Ns No = Ns Ar pathname 82c747c0c7SAndrzej Bialeckispecifies a non-standard location for the RADIUS client configuration file 83c747c0c7SAndrzej Bialecki(normally located in /etc/radius.conf). 84c747c0c7SAndrzej Bialecki.It Cm template_user Ns No = Ns Ar username 85c747c0c7SAndrzej Bialeckispecifies a user whose 86c747c0c7SAndrzej Bialecki.Xr passwd 5 87c747c0c7SAndrzej Bialeckientry will be used as a template to create the session environment 88c6ff3a1bSSheldon Hearnif the supplied username doesn't exist in local password database. 89c6ff3a1bSSheldon HearnThe user 90c747c0c7SAndrzej Bialeckiwill be authenticated with the supplied username and password, but his 91c747c0c7SAndrzej Bialeckicredentials to the system will be presented as the ones for 92c747c0c7SAndrzej Bialecki.Ar username , 93c747c0c7SAndrzej Bialeckii.e., his login class, home directory, resource limits, etc. will be set to ones 94c747c0c7SAndrzej Bialeckidefined for 95c747c0c7SAndrzej Bialecki.Ar username . 96c747c0c7SAndrzej Bialecki.Pp 97c747c0c7SAndrzej BialeckiIf this option is omitted, and there is no username 98c747c0c7SAndrzej Bialeckiin the system databases equal to the supplied one (as determined by call to 99c747c0c7SAndrzej Bialecki.Xr getpwnam 3 Ns ), 100c747c0c7SAndrzej Bialeckithe authentication will fail. 101c747c0c7SAndrzej Bialecki.Sh FILES 102c747c0c7SAndrzej Bialecki.Bl -tag -width /etc/radius.conf -compact 103c747c0c7SAndrzej Bialecki.It Pa /etc/radius.conf 104c747c0c7SAndrzej BialeckiThe standard RADIUS client configuration file for 105c747c0c7SAndrzej Bialecki.Nm 106c747c0c7SAndrzej Bialecki.El 107c747c0c7SAndrzej Bialecki.Sh SEE ALSO 108c747c0c7SAndrzej Bialecki.Xr pam 8 , 109c747c0c7SAndrzej Bialecki.Xr passwd 5 , 110c747c0c7SAndrzej Bialecki.Xr radius.conf 5 111c747c0c7SAndrzej Bialecki.Sh HISTORY 112c747c0c7SAndrzej BialeckiThe 113c747c0c7SAndrzej Bialecki.Nm 114c747c0c7SAndrzej Bialeckimodule first appeared in 115c747c0c7SAndrzej Bialecki.Fx 3.1 . 116c747c0c7SAndrzej BialeckiThe 117c747c0c7SAndrzej Bialecki.Nm 118c747c0c7SAndrzej Bialeckimanual page first appeared in 119c747c0c7SAndrzej Bialecki.Fx 3.3 . 120c747c0c7SAndrzej Bialecki.Sh AUTHORS 121725ab628SRuslan Ermilov.An -nosplit 122c747c0c7SAndrzej BialeckiThe 123c747c0c7SAndrzej Bialecki.Nm 124c747c0c7SAndrzej Bialeckimanual page was written by 125c747c0c7SAndrzej Bialecki.An Andrzej Bialecki Aq abial@FreeBSD.org . 126c747c0c7SAndrzej Bialecki.Pp 127c747c0c7SAndrzej BialeckiThe 128c747c0c7SAndrzej Bialecki.Nm 129c747c0c7SAndrzej Bialeckimodule was written by 130c747c0c7SAndrzej Bialecki.An John D. Polstra Aq jdp@FreeBSD.org . 131