Authenticate Against PAM in ejabberd 1.x

Important: PAM authentication is included in ejabberd 2.0.0 and newer
Name: check_pam
Purpose: Allows authenticating against PAM
Author: dizzyd and alto
Type: Patch
Requirements: ejabberd 1.1.1 or 1.1.2
Download: ejabberd_auth_pam.diff (or check_pam.diff for old ejabberd 0.9.8)

How to Apply the Patch

  1. Make sure you have the development files for PAM installed.

    • On Debian you must install the package libpam0g-dev.
  2. Go to the ejabberd source directory: ejabberd/src

  3. Download the patch to that directory

  4. Apply the patch:

    $ patch -p0 < ejabberd_auth_pam.diff
    patching file aclocal.m4
    patching file configure.ac
    patching file Makefile.in
    patching file pam/ejabberd_auth_pam.c
    patching file pam/ejabberd_auth_pam.erl
    patching file pam/Makefile.in
  5. Regenerate 'configure':

    $ autoconf
  6. Execute 'configure':

    $ ./configure
    ...
    checking whether build pam... yes
    ...
    config.status: creating pam/Makefile
    ...
  7. Compile ejabberd:

    $ make
  8. Instruct ejabberd to use PAM authentication. To do that, edit ejabberd.cfg and modify the auth_mehtod depending on what you want to allow. For example:

    %%% Add new auth method 
    {auth_method, [internal, pam]}.
    
    %%% Default pam service "login" can be change 
    %{pam_service, "login"}.
    %%% Default pam prompt "Password:" can be change 
    %{pam_prompt_pwd, "Password:"}.
  9. Start ejabberd

Related Links

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Unable to spin up PAM: system error

Compile OK!
Start OK!
Authenticate fail...

log ejabberd:
PAM-AUTH driver start
Open: /usr/lib/libpam.so
Unable to spin up PAM: system error
Close: /usr/lib/libpam.so
PAM-AUTH driver stop

log messages:
beam: in openpam_load_module(): no pam_mysql.so found

config ejabberd:
[{auth_method, [internal, pam]},
{pam_service, "ejabberd"}]

config pam:
auth optional pam_mysql.so .....
account required pam_mysql.so .....

P.S. vsftpd work with pam_mysql.so

Help me please!

Re: Unable to spin up PAM: system error

ejabberd has PAM support out of box since 2.0.0.
You just need to update your ejabberd.

ejabberd 1.1.4 not support?

ejabberd 1.1.4 not support?

Release?

This patch is 2+ years old, and the latest version is from January 2007. Ejabberd 1.1.4 still doesn't include it... does anyone know when a version of ejabberd with this patch applied will be released?

It has already been added to

It has already been added to SVN development version and will be release with ejabberd 2.0

--
Mickaël Rémond
Process-one

fedora core 6

after apply patch don't forget add ejabberduser to saslauth group, and run saslauthd service.

usermod -G saslauth ejabberd

Да какой уж там

Да какой уж там SASL... товарищ пропатчил мой вариант для 1.1.2 совершенно бездумной проверкой пользователей по passwd

its ok?

ejd 1.1.2, redhat9, Autoconf 2.57, pam-devel-0.75-48

autoconf
./configure

see

# head ./pam/Makefile -n8
# $Id: Makefile.in 285 2004-11-05 21:14:31Z aleksey $

CC = gcc
CFLAGS = -g -O2 @PAM_CFLAGS@ -I/usr/local/lib/erlang/lib/erl_interface-3.5.5/include -I/usr/local/lib/erlang/usr/include
CPPFLAGS = -I/usr/kerberos/include
LDFLAGS =
LIBS = @PAM_LIBS@ -L/usr/local/lib/erlang/lib/erl_interface-3.5.5/lib -lerl_interface -lei

params @PAM_CFLAGS@ @PAM_LIBS@?

# cd ./pam && make
gcc -Wall -g -O2 @PAM_CFLAGS@ -I/usr/local/lib/erlang/lib/erl_interface-3.5.5/include -I/usr/local/lib/erlang/usr/include \
pam_drv.c @PAM_LIBS@ -L/usr/local/lib/erlang/lib/erl_interface-3.5.5/lib -lerl_interface -lei \
-o ../pam_drv.so -fpic -shared
gcc: @PAM_CFLAGS@: No such file or directory
gcc: @PAM_LIBS@: No such file or directory
pam_drv.c:218: warning: initialization from incompatible pointer type
make: *** [../pam_drv.so] Error 1

delete @PAM_CFLAGS@ and @PAM_LIBS@ in Makefile. Compile with warning:
/usr/local/bin/erlc -W -I .. -pz .. -o .. pam.erl
gcc -Wall -g -O2 -I/usr/local/lib/erlang/lib/erl_interface-3.5.5/include -I/usr/local/lib/erlang/usr/include \
pam_drv.c -L/usr/local/lib/erlang/lib/erl_interface-3.5.5/lib -lerl_interface -lei \
-o ../pam_drv.so -fpic -shared
pam_drv.c:218: warning: initialization from incompatible pointer type

patch for freebsd

Please, create patch for install in freebsd?

Syndicate content