|PAM_SMBFS_LOGIN(7)||Standards, Environments, and Macros||PAM_SMBFS_LOGIN(7)|
pam_smbfs_login - PAM user credential authentication module for SMB/CIFS client login
This optional functionality is meant to be used only in environments that do not run Active Directory or Kerberos, but which synchronize passwords between clients and their CIFS/SMB servers.
This module permits the login password to be stored as if the
smbutil(1) login command was used to store a password for PAM_USER in
the user or system default domain. The choice of default domain is the first
of the following:
-Domain entry specified in the default section of the $HOME/.nsmbrc file, if readable.
-Domain entry specified in the default section shown by the sharectl get smbfs command.
Because pam_smbfs_login runs as root during the login process, a $HOME/.nsmbrc file accessed through NFS may only be readable if the file permits reads by others. This conflicts with the requirement that passwords stored in $HOME/.nsmbrc are ignored when permissions are open.
To use this functionality, add the following line to the /etc/pam.conf file:
login auth optional pam_smbfs_login.so.1
The pam_sm_setcred(3PAM) function accepts the following flags:
The following options can be passed to the pam_smbfs_login module:
Upon successful completion of pam_sm_setcred(3PAM), PAM_SUCCESS is returned. The following error codes are returned upon error:
See attributes(7) for descriptions of the following attribute:
|ATTRIBUTE TYPE||ATTRIBUTE VALUE|
|MT Level||MT-Safe with exceptions|
The interfaces in libpam(3LIB) are MT-Safe only if each thread within the multi-threaded application uses its own PAM handle.
|August 19, 2023||OmniOS|