Specifications
Red Hat Enterprise Linux to Oracle Solaris Porting Guide
85
PAM Configuration and Differences
The following table lists the PAM-related system administration command differences on the two
platforms.
TABLE 9-1. INFRASTRUCTURE DIFFERENCES
RHEL ORACLE SOLARIS 11
The Linux-PAM configuration file is located in
/etc/pam.conf.
Alternatively, PAM configuration can be set by editing
individual configuration files located in the /etc/pam.d/
directory.
The presence of the /etc/pam.d directory will cause
Linux-PAM to ignore /etc/pam.conf.
On Oracle Solaris 11, a configuration file named
/etc/pam.conf is used to configure the service modules for
various system services.
On Oracle Solaris, all PAM-related configurations can be done
by editing the single file /etc/pam.conf.
There is no need for the /etc/pam.d directory on Oracle
Solaris 11.
The supported PAM control values for Linux in the pam.conf
file and individual PAM configuration files are:
required
requisite
sufficient
optional
include
substack
On Oracle Solaris, the supported control values in
/etc/pam.conf file are:
required
requisite
sufficient
optional
include
binding
Note: When binding is specified, if the service module returns
success and no preceding required modules returned
failures, immediately return success without calling any
subsequent modules.
If a failure is returned, treat the failure as a required module
failure, and continue to process the PAM stack.
Control value
substack
is not available in Oracle Solaris.
Migrating Custom PAM Modules—Developer's Perspective
To understand the implementation level differences between the two operating systems, let’s first look
at how PAM works. Table 9-2 lists the sequence of function calls that happen during invocation of a
typical PAM module.