# character prepended to their respective user names!
;PAMIsOptional = no
+ # When PAM is enabled, this value determines the used PAM
+ # configuration.
+ # This setting allows to run multiple ngIRCd instances with
+ # different PAM configurations on each instance.
+ # If you set it to "ngircd-foo", PAM will use
+ # /etc/pam.d/ngircd-foo instead of the default
+ # /etc/pam.d/ngircd.
+ ;PAMServiceName = ngircd
+
# Let ngIRCd send an "authentication PING" when a new client connects,
# and register this client only after receiving the corresponding
# "PONG" reply.
don't have a "~" character prepended to their respective user names!
Default: no.
.TP
+\fBPAMServiceName\fR (string)
+When PAM is enabled, this value determines the used PAM configuration.
+This setting allows to run multiple ngIRCd instances with different
+PAM configurations on each instance. If you set it to "ngircd-foo",
+PAM will use /etc/pam.d/ngircd-foo instead of the default
+/etc/pam.d/ngircd.
+Default: ngircd.
+.TP
\fBRequireAuthPing\fR (boolean)
Let ngIRCd send an "authentication PING" when a new client connects, and
register this client only after receiving the corresponding "PONG" reply.
#ifdef PAM
printf(" PAM = %s\n", yesno_to_str(Conf_PAM));
printf(" PAMIsOptional = %s\n", yesno_to_str(Conf_PAMIsOptional));
+ printf(" PAMServiceName = %s\n", Conf_PAMServiceName);
#endif
#ifndef STRICT_RFC
printf(" RequireAuthPing = %s\n", yesno_to_str(Conf_AuthPing));
Conf_PAM = false;
#endif
Conf_PAMIsOptional = false;
+ strcpy(Conf_PAMServiceName, "ngircd");
Conf_ScrubCTCP = false;
#ifdef SYSLOG
#ifdef LOG_LOCAL5
Conf_PAMIsOptional = Check_ArgIsTrue(Arg);
return;
}
+ if (strcasecmp(Var, "PAMServiceName") == 0) {
+ len = strlcpy(Conf_PAMServiceName, Arg, sizeof(Conf_PAMServiceName));
+ if (len >= sizeof(Conf_PAMServiceName))
+ Config_Error_TooLong(File, Line, Var);
+ return;
+ }
if (strcasecmp(Var, "PredefChannelsOnly") == 0) {
/*
* TODO: This section and support for "PredefChannelsOnly"
/** Don't require all clients to send a password an to be PAM authenticated */
GLOBAL bool Conf_PAMIsOptional;
+/** The service name to use for PAM */
+GLOBAL char Conf_PAMServiceName[MAX_PAM_SERVICE_NAME_LEN];
+
/** Disable all CTCP commands except for /me ? */
GLOBAL bool Conf_ScrubCTCP;
/** Size of default connection pool. */
#define CONNECTION_POOL 100
+/** Size of buffer for PAM service name. */
+#define MAX_PAM_SERVICE_NAME_LEN 64
+
/* Hard-coded (default) options */
#include "log.h"
#include "conn.h"
#include "client.h"
+#include "conf.h"
#include "pam.h"
conv.appdata_ptr = Conn_Password(Client_Conn(Client));
/* Initialize PAM */
- retval = pam_start("ngircd", Client_OrigUser(Client), &conv, &pam);
+ retval = pam_start(Conf_PAMServiceName, Client_OrigUser(Client), &conv, &pam);
if (retval != PAM_SUCCESS) {
Log(LOG_ERR, "PAM: Failed to create authenticator! (%d)", retval);
return false;