PAM-modules Manual (split by section):   Section:   Chapter:FastBack: fshadow   Up: fshadow   FastForward: regex   Contents: Table of ContentsIndex: Concept Index

3.2 Using pam_fshadow in virtual domain mode.

In virtual domain mode, pam_fshadow uses the user name to determine where to look for the passwd/shadow file pair. The name is split into user name proper and authentication domain. The configuration directory name is then constructed by concatenating the system configuration directory, a directory separator character (‘/’), and the name of the authentication domain. Then, authentication proceeds as described above for the plain mode. If the supplied user name does not match the regular expression, pam_fshadow proceeds as in plain mode.

This mode is enabled by the option regex, which supplies a regular expression to split user names. This regular expression must contain two parenthesized groups. First of them is used to extract the user name, and the second one is used to extract the authentication domain. For example, the following option: 

regex=(.*)@(.*)

instructs pam_fshadow to use any characters before the ‘@’ as the user name, and anything following it as the authentication domain.

Several options are provided, that control the type of regular expression and the way of retrieving authentication data from the user name. These options are:

basic

Use basic regular expression.

extended

Use extended regular expression. This is the default.

ignore-case
icase

Use case-insensitive regular expression.

case

Use case-sensitive regular expressions (default).

revert-index

Use group #2 as the user name and group #1 as the authentication domain.

As an example, consider the following pam.conf entry: 

check auth required pam_fshadow.so \
   sysconfdir=/etc/auth regex=(.*)@(.*) extended

It instructs pam_fshadow to use ‘@’ as the username/domain separator and to look up password databases under the /etc/auth directory. For example, if the supplied user name was ‘smith@ftp’, then the module will look for the user name ‘smith’ in files /etc/auth/ftp/passwd and /etc/auth/ftp/shadow.

PAM-modules Manual (split by section):   Section:   Chapter:FastBack: fshadow   Up: fshadow   FastForward: regex   Contents: Table of ContentsIndex: Concept Index

This document was generated on August 11, 2021 using makeinfo.

Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.