Create separate pam config for webserver instead of using dropbear's
Signed-off-by: Jennifer Lee <jennifer1.lee@intel.com>
Change-Id: I18850e82e116683b1c56e3a0eb23511b09aeed51
diff --git a/CMakeLists.txt b/CMakeLists.txt
index a7a5a9e..a932ef9 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -158,7 +158,9 @@
add_definitions ("-DWEBSERVER_DISABLE_PAM")
endif ()
-add_definitions ("-Wno-attributes")
+add_definitions("-Wno-attributes")
+# Copy pam-webserver to etc/pam.d
+install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/pam-webserver DESTINATION /etc/pam.d/ RENAME webserver)
# tinyxml2
find_package (tinyxml2 REQUIRED)
diff --git a/include/pam_authenticate.hpp b/include/pam_authenticate.hpp
index 997c297..a66d16b 100644
--- a/include/pam_authenticate.hpp
+++ b/include/pam_authenticate.hpp
@@ -41,7 +41,7 @@
pam_function_conversation, const_cast<char*>(pass_str.c_str())};
pam_handle_t* local_auth_handle = NULL; // this gets set by pam_start
- if (pam_start("dropbear", user_str.c_str(), &local_conversation,
+ if (pam_start("webserver", user_str.c_str(), &local_conversation,
&local_auth_handle) != PAM_SUCCESS) {
return false;
}
diff --git a/pam-webserver b/pam-webserver
new file mode 100644
index 0000000..47e787f
--- /dev/null
+++ b/pam-webserver
@@ -0,0 +1,4 @@
+#%PAM-1.0
+
+auth include common-auth
+account include common-account