Index: openacs-4/packages/acs-core-docs/www/install-pam-radius.adp =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-core-docs/www/install-pam-radius.adp,v diff -u -N --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ openacs-4/packages/acs-core-docs/www/install-pam-radius.adp 7 Aug 2017 23:47:50 -0000 1.2 @@ -0,0 +1,100 @@ + +{/doc/acs-core-docs {ACS Core Documentation}} {Install PAM Radius for use as external +authentication} +Install PAM Radius for use as external +authentication + + +
+

+Install PAM Radius for use as external +authentication

+

By Malte Sussdorff +

+OpenACS docs are written by the named authors, and may be edited by +OpenACS documentation staff.

This step by step guide is derived from the installation +instructions which you can find at yourdomain.com/doc/acs-authentication/ext-auth-pam-install.html. +It is build upon PAM 0.77 (tested) and does not work on RedHat +Linux Enterprise 3 (using PAM 0.75). It makes use of the ns_pam +module written by Mat Kovach. The instructions given in here do +work with PAM LDAP accordingly and differences will be shown at the +end of the file.

    +
  1. +

    +Install ns_pam. Download and +install ns_pam

    +[root aolserver]# cd /usr/local/src/aolserver/
+          [root aolserver]# wget http://braindamage.alal.com/software/ns_pam-0.1.tar.gz
+          [root aolserver]# tar xvfz ns_pam-0.1.tar.gz
+          [root aolserver]# cd ns_pam-0.1
+          [root ns_pam-0.1]# make install INST=/usr/local/aolserver
+          [root ns_pam-0.1]#
+cd /usr/local/src/aolserver/
+wget http://braindamage.alal.com/software/ns_pam-0.1.tar.gz
+tar xvfz ns_pam-0.1.tar.gz
+cd ns_pam-0.1
+make install INST=/usr/local/aolserver
+
+
    +
  2. +

    +Configure ns_pam. Configure +AOLserver for ns_pam

    To enable ns_pam in AOLServer you will first have to edit your +config.tcl file and enable the loading of the ns_pam module and +configure the aolservers pam configuration file.

      +

    • Change config.tcl. Remove +the # in front of +ns_param nspam +${bindir}/nspam.so to enable the loading of the ns_pam +module.

    • Change config.tcl. +Replace pam_domain in the +section ns/server/${server}/module/nspam with +aolserver +

    • +

      Create /etc/pam.d/aolserver.

      +              [root ns_pam]#cp /var/lib/aolserver/service0/packages/acs-core-docs/www/files/pam-aolserver.txt /etc/pam.d/aolserver
+
      +
      • +
    +
  3. +

    +Configure PAM Radius. Configure and +install PAM Radius

    You have to make sure that pam_radius v.1.3.16 or higher is +installed, otherwise you will have to install it.

    +[root ns_pam]# cd /usr/local/src/
+          [root src]# wget ftp://ftp.freeradius.org/pub/radius/pam_radius-1.3.16.tar
+          [root src]# tar xvf pam_radius-1.3.16
+          [root src]# cd pam_radius
+          [root pam_radius]# make
+          [root pam_radius]# cp pam_radius_auth.so /lib/security/
+          [root pam_radius]#
+cd /usr/local/src
+wget ftp://ftp.freeradius.org/pub/radius/pam_radius-1.3.16.tar
+tar xvf pam_radius-1.3.16
+cd pam_radius
+make
+cp pam_radius_auth.so /lib/security/
+
+

    Next you have to add the configuration lines to your Radius +configuration file (/etc/rddb/server). For AOLserver to be able to +access this information you have to change the access rights to +this file as well.

    +[root pam_radius]# echo "radius.yourdomain.com:1645 your_radius_password >>/etc/rddb/server
+          [root src]# chown service0:web /etc/rddb/server
+
    +
    4. +
+
+ + \ No newline at end of file