summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--lib/libpam/modules/pam_radius/Makefile3
-rw-r--r--lib/libpam/modules/pam_radius/pam_radius.8128
2 files changed, 130 insertions, 1 deletions
diff --git a/lib/libpam/modules/pam_radius/Makefile b/lib/libpam/modules/pam_radius/Makefile
index 23f62ec..6846a41 100644
--- a/lib/libpam/modules/pam_radius/Makefile
+++ b/lib/libpam/modules/pam_radius/Makefile
@@ -34,7 +34,8 @@ CFLAGS+= -I${PAMDIR}/libpam/include
CFLAGS+= -I${.CURDIR}/../../libpam
DPADD+= ${LIBRADIUS} ${LIBGCC_PIC}
LDADD+= -lradius -lgcc_pic
-INTERNALLIB= yes
INTERNALSTATICLIB=yes
+MAN8= pam_radius.8
+
.include <bsd.lib.mk>
diff --git a/lib/libpam/modules/pam_radius/pam_radius.8 b/lib/libpam/modules/pam_radius/pam_radius.8
new file mode 100644
index 0000000..13184e8
--- /dev/null
+++ b/lib/libpam/modules/pam_radius/pam_radius.8
@@ -0,0 +1,128 @@
+.\" Copyright (c) 1999
+.\" Andrzej Bialecki <abial@FreeBSD.org>. All rights reserved.
+.\"
+.\" Copyright (c) 1992, 1993, 1994
+.\" The Regents of the University of California. All rights reserved.
+.\" All rights reserved.
+.\"
+.\" This code is derived from software donated to Berkeley by
+.\" Jan-Simon Pendry.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\" must display the following acknowledgement:
+.\" This product includes software developed by the University of
+.\" California, Berkeley and its contributors.
+.\" 4. Neither the name of the University nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $Id$
+.\"
+.Dd August 2, 1999
+.Dt pam_radius 8
+.Os FreeBSD 3.3
+.Sh NAME
+.Nm pam_radius
+.Nd RADIUS authentication PAM module
+.Sh SYNOPSIS
+.Nm pam_radius.so
+.Op Cm use_first_pass
+.Op Cm try_first_pass
+.Op Cm echo_pass
+.Op Cm conf Ns No = Ns Ar pathname
+.Op Cm template_user Ns No = Ns Ar username
+.Sh DESCRIPTION
+The
+.Nm
+module provides authentication services based
+upon the RADIUS (Remote Authentication Dial In User Service) protocol
+for the PAM (Pluggable Authentication Module) framework.
+.Pp
+The
+.Nm
+module accepts these optional parameters:
+.Bl -tag -width Fl
+.It Cm use_first_pass
+causes
+.Nm
+to use a previously entered password instead of prompting for a new one.
+If no password has been entered then authentication fails.
+.It Cm try_first_pass
+causes
+.Nm
+to use a previously entered password, if one is available. If no
+password has been entered,
+.Nm
+prompts for one as usual.
+.It Cm echo_pass
+causes echoing to be left on if
+.Nm
+prompts for a password.
+.It Cm conf Ns No = Ns Ar pathname
+specifies a non-standard location for the RADIUS client configuration file
+(normally located in /etc/radius.conf).
+.It Cm template_user Ns No = Ns Ar username
+specifies a user whose
+.Xr passwd 5
+entry will be used as a template to create the session environment
+if the supplied username doesn't exist in local password database. The user
+will be authenticated with the supplied username and password, but his
+credentials to the system will be presented as the ones for
+.Ar username ,
+i.e., his login class, home directory, resource limits, etc. will be set to ones
+defined for
+.Ar username .
+.Pp
+If this option is omitted, and there is no username
+in the system databases equal to the supplied one (as determined by call to
+.Xr getpwnam 3 Ns ),
+the authentication will fail.
+.Sh FILES
+.Bl -tag -width /etc/radius.conf -compact
+.It Pa /etc/radius.conf
+The standard RADIUS client configuration file for
+.Nm
+.El
+.Sh SEE ALSO
+.Xr pam 8 ,
+.Xr passwd 5 ,
+.Xr radius.conf 5
+.Sh HISTORY
+The
+.Nm
+module first appeared in
+.Fx 3.1 .
+The
+.Nm
+manual page first appeared in
+.Fx 3.3 .
+.Sh AUTHORS
+The
+.Nm
+manual page was written by
+.An Andrzej Bialecki Aq abial@FreeBSD.org .
+.Pp
+The
+.Nm
+module was written by
+.An John D. Polstra Aq jdp@FreeBSD.org .
OpenPOWER on IntegriCloud