Index: openacs-4/packages/acs-authentication/www/doc/ext-auth-pam-install.html
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-authentication/www/doc/ext-auth-pam-install.html,v
diff -u -r1.4 -r1.5
--- openacs-4/packages/acs-authentication/www/doc/ext-auth-pam-install.html	19 Feb 2004 14:59:42 -0000	1.4
+++ openacs-4/packages/acs-authentication/www/doc/ext-auth-pam-install.html	4 Jun 2006 00:45:21 -0000	1.5
@@ -1,14 +1,14 @@
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Installing PAM support</title><meta name="generator" content="DocBook XSL Stylesheets V1.64.1"><link rel="home" href="index.html" title="External Authentication"><link rel="up" href="ext-auth-install.html" title="Installation"><link rel="previous" href="ext-auth-install.html" title="Installation"><link rel="next" href="ext-auth-ldap-install.html" title="Installing LDAP support"><link rel="stylesheet" href="openacs.css" type="text/css"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><a href="http://openacs.org"><img src="/doc/images/alex.jpg" border="0" alt="Alex logo"></a><table width="100%" summary="Navigation header" border="0"><tr><td width="20%" align="left"><a accesskey="p" href="ext-auth-install.html">Prev</a> </td><th width="60%" align="center">Installation</th><td width="20%" align="right"> <a accesskey="n" href="ext-auth-ldap-install.html">Next</a></td></tr></table><hr></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="ext-auth-pam-install"></a>Installing PAM support</h2></div></div><div></div></div><p>OpenACS supports PAM authetication via the ns_pam module in AOLserver.</p><div class="orderedlist"><ol type="1"><li><p><b>Add PAM support to AOLserver.�</b>OpenACS supports PAM support via the PAM AOLserver
+<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Using Pluggable Authentication Modules (PAM) with OpenACS</title><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"><link rel="home" href="index.html" title="External Authentication"><link rel="up" href="ext-auth-install.html" title="Installation"><link rel="previous" href="ext-auth-install.html" title="Installation"><link rel="next" href="ext-auth-ldap-install.html" title="Using LDAP/Active Directory with OpenACS"><link rel="stylesheet" href="openacs.css" type="text/css"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><a href="http://openacs.org"><img src="/doc/images/alex.jpg" border="0" alt="Alex logo"></a><table width="100%" summary="Navigation header" border="0"><tr><td width="20%" align="left"><a accesskey="p" href="ext-auth-install.html">Prev</a> </td><th width="60%" align="center">Installation</th><td width="20%" align="right"> <a accesskey="n" href="ext-auth-ldap-install.html">Next</a></td></tr></table><hr></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="ext-auth-pam-install"></a>Using Pluggable Authentication Modules (PAM) with OpenACS</h2></div></div></div><p>OpenACS supports PAM authetication via the ns_pam module in AOLserver.</p><div class="orderedlist"><ol type="1"><li><p><b>Add PAM support to AOLserver.�</b>OpenACS supports PAM support via the PAM AOLserver
         module.  PAM is system of modular support, and can provide
         local (unix password), RADIUS, LDAP (<a href="http://www.tldp.org/HOWTO/LDAP-Implementation-HOWTO/pamnss.html" target="_top">more
         information</a>), and other forms of
         authentication.  Note that due to security issues, the
         AOLserver PAM module cannot be used for local password
         authentication.  </p><div class="orderedlist"><ol type="a"><li><p><a name="install-nspam"></a><b>Compile and install ns_pam.�</b>Download the <a href="/doc/nspam-download" target="_top">tarball</a> to
-            <tt class="computeroutput">/tmp</tt>.</p><p>Debian users: first do <b class="userinput"><tt>apt-get install libpam-dev</tt></b></p><pre class="screen">[root@yourserver root]# <b class="userinput"><tt>cd /usr/local/src/aolserver</tt></b>
-[root@yourserver aolserver]# <b class="userinput"><tt>tar xzf /tmp/ns_pam-0.1.tar.gz</tt></b>
-[root@yourserver aolserver]# <b class="userinput"><tt>cd nspam</tt></b>
-[root@yourserver nspam]# <b class="userinput"><tt>make</tt></b>
+            <code class="computeroutput">/tmp</code>.</p><p>Debian users: first do <strong class="userinput"><code>apt-get install libpam-dev</code></strong></p><pre class="screen">[root@yourserver root]# <strong class="userinput"><code>cd /usr/local/src/aolserver</code></strong>
+[root@yourserver aolserver]# <strong class="userinput"><code>tar xzf /tmp/ns_pam-0.1.tar.gz</code></strong>
+[root@yourserver aolserver]# <strong class="userinput"><code>cd nspam</code></strong>
+[root@yourserver nspam]# <strong class="userinput"><code>make</code></strong>
 gcc -I/usr/include/pam -I/usr/local/aolserver/include -D_REENTRANT=1 
   -DNDEBUG=1 -g -fPIC -Wall -Wno-unused -mcpu=i686 -DHAVE_CMMSG=1 
   -DUSE_FIONREAD=1 -DHAVE_COND_EINTR=1   -c -o nspam.o nspam.c
@@ -20,7 +20,7 @@
   -DUSE_FIONREAD=1 -DHAVE_COND_EINTR=1   -c -o pam_support.o pam_support.c
 /bin/rm -f nspam.so
 gcc -shared -nostartfiles -o nspam.so nspam.o pam_support.o -lpam
-[root@yourserver nspam]# <b class="userinput"><tt>make install</tt></b>
+[root@yourserver nspam]# <strong class="userinput"><code>make install</code></strong>
 [root@yourserver nspam]#
 <span class="action"><span class="action">cd /usr/local/src/aolserver
 tar xzf /tmp/ns_pam-0.1.tar.gz
@@ -36,33 +36,33 @@
               perform new types of authentication.
 </p><div class="itemizedlist"><ul type="disc"><li><p><b>RADIUS in PAM.�</b></p><div class="orderedlist"><ol type="i"><li><p>Untar the <a href="/doc/individual-programs.html#pam-radius-download" target="_top">pam_radius
                     tarball</a> and compile and install.  (<a href="http://www.freeradius.org/pam_radius_auth/" target="_top">more
-                    information</a>)</p><pre class="screen">[root@yourserver root]# <b class="userinput"><tt>cd /usr/local/src/</tt></b>
-[root@yourserver src]# <b class="userinput"><tt>tar xf /tmp/pam_radius-1.3.16.tar</tt></b>
-[root@yourserver src]# <b class="userinput"><tt>cd pam_radius-1.3.16</tt></b>
-[root@yourserver pam_radius-1.3.16]# <b class="userinput"><tt>make</tt></b>
+                    information</a>)</p><pre class="screen">[root@yourserver root]# <strong class="userinput"><code>cd /usr/local/src/</code></strong>
+[root@yourserver src]# <strong class="userinput"><code>tar xf /tmp/pam_radius-1.3.16.tar</code></strong>
+[root@yourserver src]# <strong class="userinput"><code>cd pam_radius-1.3.16</code></strong>
+[root@yourserver pam_radius-1.3.16]# <strong class="userinput"><code>make</code></strong>
 cc -Wall -fPIC -c pam_radius_auth.c -o pam_radius_auth.o
 cc -Wall -fPIC   -c -o md5.o md5.c
 ld -Bshareable pam_radius_auth.o md5.o -lpam -o pam_radius_auth.so
-[root@yourserver pam_radius-1.3.16]# <b class="userinput"><tt>cp pam_radius_auth.so /lib/security/pam_radius_auth.so</tt></b>
+[root@yourserver pam_radius-1.3.16]# <strong class="userinput"><code>cp pam_radius_auth.so /lib/security/pam_radius_auth.so</code></strong>
 [root@yourserver pam_radius-1.3.16]#
 <span class="action"><span class="action">cd /usr/local/src/
 tar xf /tmp/pam_radius-1.3.16.tar
 cd pam_radius-1.3.16
 make
-cp pam_radius_auth.so /lib/security/pam_radius_auth.so</span></span></pre><p>Debian users: <b class="userinput"><tt>apt-get install libpam-radius-auth</tt></b></p></li><li><p>Set up the PAM domain.  Recent PAM
+cp pam_radius_auth.so /lib/security/pam_radius_auth.so</span></span></pre><p>Debian users: <strong class="userinput"><code>apt-get install libpam-radius-auth</code></strong></p></li><li><p>Set up the PAM domain.  Recent PAM
                 distributions have a different file for each domain,
-                all in <tt class="computeroutput">/etc/pam.d</tt>.
+                all in <code class="computeroutput">/etc/pam.d</code>.
                 Previous PAM setups put all domain configuration lines
                 into a single file,
-                <tt class="computeroutput">/etc/pam.conf</tt>.  On
+                <code class="computeroutput">/etc/pam.conf</code>.  On
                 Red Hat, create the file
-                <tt class="computeroutput">/etc/pam.d/<span class="replaceable"><span class="replaceable">service0</span></span></tt>
+                <code class="computeroutput">/etc/pam.d/<span class="replaceable"><span class="replaceable">service0</span></span></code>
                 with these contents:</p><pre class="programlisting">auth       sufficient   /lib/security/pam_radius_auth.so
 </pre></li><li><p>Modify the AOLserver configuration file to use
                 this PAM domain.  Edit the line</p><pre class="programlisting">ns_param   PamDomain             "<span class="replaceable"><span class="replaceable">service0</span></span>"</pre><p>So that the value of the parameter matches the name (just the file name, not the fully pathed name) of the domain file in </p><pre class="programlisting">/etc/pam.d/</pre></li></ol></div></li><li><p><b>LDAP in PAM.�</b><a href="http://www.tldp.org/HOWTO/LDAP-Implementation-HOWTO/pamnss.html#AEN110" target="_top">more information</a></p></li></ul></div></li><li><p><b>Modify the AOLserver configuration file to support ns_pam.�</b></p><p>In
-          <tt class="computeroutput">/var/lib/aolserver/<span class="replaceable"><span class="replaceable">service0</span></span>/etc/config.tcl</tt>, enable the nspam module by uncommenting this line:</p><pre class="programlisting">ns_param   nspam           ${bindir}/nspam.so</pre></li></ol></div></li><li><p><b>Install auth-pam OpenACS service package.�</b><a href="/acs-admin/install/" target="_top">Install</a> <tt class="computeroutput">auth-pam</tt> and restart the server.</p></li><li><p><a name="ext-auth-create-authority"></a><b>Create an OpenACS authority.�</b>OpenACS supports multiple authentication authorities.
+          <code class="computeroutput">/var/lib/aolserver/<span class="replaceable"><span class="replaceable">service0</span></span>/etc/config.tcl</code>, enable the nspam module by uncommenting this line:</p><pre class="programlisting">ns_param   nspam           ${bindir}/nspam.so</pre></li></ol></div></li><li><p><b>Install auth-pam OpenACS service package.�</b><a href="/acs-admin/install/" target="_top">Install</a> <code class="computeroutput">auth-pam</code> and restart the server.</p></li><li><p><a name="ext-auth-create-authority"></a><b>Create an OpenACS authority.�</b>OpenACS supports multiple authentication authorities.
         The OpenACS server itself is the "Local Authority," used by
         default.</p><div class="orderedlist"><ol type="a"><li><p>Browse to the authentication administration page,
-            <tt class="computeroutput">http://<span class="replaceable"><span class="replaceable">yourserver</span></span><a href="/acs-admin/auth/" target="_top">/acs-admin/auth/</a></tt>.
-             Create and name an authority (in the sitewide admin UI)</p></li><li><p>Set Authentication to PAM.</p></li><li><p>If the PAM domain defines a <tt class="computeroutput">password</tt> command, you can set Password Management to PAM.  If not, the PAM module cannot change the user's password and you should leave this option Disabled.</p></li><li><p>Leave Account Registration disabed.</p></li><li><p><a href="configure-batch-sync.html" title="Configure Batch Synchronization">Configure Batch Synchronization</a>
-</p></li></ol></div></li></ol></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="ext-auth-install.html">Prev</a> </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right"> <a accesskey="n" href="ext-auth-ldap-install.html">Next</a></td></tr><tr><td width="40%" align="left">Installation </td><td width="20%" align="center"><a accesskey="u" href="ext-auth-install.html">Up</a></td><td width="40%" align="right"> Installing LDAP support</td></tr></table><hr><address><a href="mailto:docs@openacs.org">docs@openacs.org</a></address></div><a name="comments"></a><center><a href="http://openacs.org/doc/ext-auth-pam-install.html#comments">View comments on this page at openacs.org</a></center></body></html>
+            <code class="computeroutput">http://<span class="replaceable"><span class="replaceable">yourserver</span></span><a href="/acs-admin/auth/" target="_top">/acs-admin/auth/</a></code>.
+             Create and name an authority (in the sitewide admin UI)</p></li><li><p>Set Authentication to PAM.</p></li><li><p>If the PAM domain defines a <code class="computeroutput">password</code> command, you can set Password Management to PAM.  If not, the PAM module cannot change the user's password and you should leave this option Disabled.</p></li><li><p>Leave Account Registration disabed.</p></li><li><p><a href="configure-batch-sync.html" title="Configure Batch Synchronization">Configure Batch Synchronization</a>
+</p></li></ol></div></li></ol></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="ext-auth-install.html">Prev</a> </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right"> <a accesskey="n" href="ext-auth-ldap-install.html">Next</a></td></tr><tr><td width="40%" align="left">Installation </td><td width="20%" align="center"><a accesskey="u" href="ext-auth-install.html">Up</a></td><td width="40%" align="right"> Using LDAP/Active Directory with OpenACS</td></tr></table><hr><address><a href="mailto:docs@openacs.org">docs@openacs.org</a></address></div><a name="comments"></a><center><a href="http://openacs.org/doc/current/ext-auth-pam-install.html#comments">View comments on this page at openacs.org</a></center></body></html>