Resolution:
Description:
============
How to do PAM configuration on a Linux system.

Environment:
============
MFT Server 1.2 on any Linux system.


Resolution
=============
On the Linux system, a file named tibmft-pam must be placed in the directory /etc/pam.d.

The content of this file is dependent on the system's security installations. The customer's system security admin should know what security package is installed on the system.

As an example, here is a list of security packages under /lib/security directory on a Linux system:

*********
linux01% pwd

/lib/security

linux01% ls

pam_access.so     pam_krb5.so       pam_passwdqc.so     pam_time.so
pam_chroot.so     pam_lastlog.so    pam_permit.so       pam_unix2.so
pam_cracklib.so   pam_ldap.so       pam_pwcheck.so      pam_unix_acct.so
pam_debug.so      pam_limits.so     pam_resmgr.so       pam_unix_auth.so
pam_deny.so       pam_listfile.so   pam_rhosts_auth.so pam_unix_passwd.so
pam_devperm.so    pam_localuser.so  pam_rootok.so pam_unix_session.so
pam_env.so        pam_mail.so       pam_rpasswd.so      pam_unix.so
pam_filter        pam_make.so       pam_securetty.so    pam_userdb.so
pam_filter.so     pam_mkhomedir.so  pam_selinux.so      pam_userpass.so
pam_ftp.so        pam_mktemp.so     pam_shells.so       pam_warn.so
pam_group.so      pam_motd.so       pam_smb_auth.so     pam_wheel.so
pam_homecheck.so  pam_nologin.so    pam_stress.so       pam_xauth.so
pam_issue.so      pam_opensc.so     pam_succeed_if.so
pam_krb5afs.so    pam_opie.so       pam_tally.so
**********

The tibmft-pam file (under /etc/pam.d directory) should contain the following:

***********
auth       required   /lib/security/pam_unix_auth.so
account    required   /lib/security/pam_unix_acct.so
password   required   /lib/security/pam_unix_passwd.so
session    required   /lib/security/pam_unix_session.so
*************
The contents in this file should reflect what is under the /lib/security directory.

Keywords/Tags:
= = = = = = = = =