This step by step guide is derived from the installation +instructions which you can find at yourdomain.com/doc/acs-authentication/ext-auth-pam-install.html. +It is build upon PAM 0.77 (tested) and does not work on RedHat +Linux Enterprise 3 (using PAM 0.75). It makes use of the ns_pam +module written by Mat Kovach. The instructions given in here do +work with PAM LDAP accordingly and differences will be shown at the +end of the file.
+Install ns_pam. Download and +install ns_pam
+[root aolserver]#+cd /usr/local/src/aolserver/
+ [root aolserver]#wget http://braindamage.alal.com/software/ns_pam-0.1.tar.gz
+ [root aolserver]#tar xvfz ns_pam-0.1.tar.gz
+ [root aolserver]#cd ns_pam-0.1
+ [root ns_pam-0.1]#make install INST=/usr/local/aolserver
+ [root ns_pam-0.1]# +cd /usr/local/src/aolserver/ +wget http://braindamage.alal.com/software/ns_pam-0.1.tar.gz +tar xvfz ns_pam-0.1.tar.gz +cd ns_pam-0.1 +make install INST=/usr/local/aolserver + +
+Configure ns_pam. Configure +AOLserver for ns_pam
To enable ns_pam in AOLServer you will first have to edit your +config.tcl file and enable the loading of the ns_pam module and +configure the aolservers pam configuration file.
Change config.tcl. Remove
+the # in front of
+ns_param nspam
+${bindir}/nspam.so
to enable the loading of the ns_pam
+module.
Change config.tcl.
+Replace pam_domain
in the
+section ns/server/${server}/module/nspam
with
+aolserver
+
Create /etc/pam.d/aolserver.
+ [root ns_pam]#cp /var/lib/aolserver/service0/packages/acs-core-docs/www/files/pam-aolserver.txt /etc/pam.d/aolserver
+
++Configure PAM Radius. Configure and +install PAM Radius
You have to make sure that pam_radius v.1.3.16 or higher is +installed, otherwise you will have to install it.
+[root ns_pam]#cd /usr/local/src/
+ [root src]#wget ftp://ftp.freeradius.org/pub/radius/pam_radius-1.3.16.tar
+ [root src]#tar xvf pam_radius-1.3.16
+ [root src]#cd pam_radius
+ [root pam_radius]#make
+ [root pam_radius]#cp pam_radius_auth.so /lib/security/
+ [root pam_radius]# +cd /usr/local/src +wget ftp://ftp.freeradius.org/pub/radius/pam_radius-1.3.16.tar +tar xvf pam_radius-1.3.16 +cd pam_radius +make +cp pam_radius_auth.so /lib/security/ + +
Next you have to add the configuration lines to your Radius +configuration file (/etc/rddb/server). For AOLserver to be able to +access this information you have to change the access rights to +this file as well.
+[root pam_radius]#+echo "radius.yourdomain.com:1645 your_radius_password >>/etc/rddb/server
+ [root src]#chown service0:web /etc/rddb/server
+