|Last modified: 16-06-2020|
On a Linux system, PAM configuration files live either in /etc/pamd.conf, or in /etc/pamd./ . If the latter, each application must have a corresponding file in /etc/pam.d/, eg. ftp, imap, etc.
A PAM configuration file consists of a few lines, with the following format:
module-type control-flag module-path arguments
|auth||Prompts the user for identification|
|account||Checks account settings (aging, etc.)|
|session||Provides functions before and after session establishment|
|password||Used with the auth type to update the user authentication token. Possible values are nullok (lets the user change from a null password), use_authok (set the new password as received from the previous module), md5 or bigcrypt (uses stronger hashing than standard crypt), shadow or radius or unix (transfers passwords to another database)|