Skip to content

devkral/rpam2

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

43 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

rpam2

DESCRIPTION:

This extension provides a PAM (Pluggable Authentication Modules)
integration to ruby. It is inspired by rpam but provides more functionality
and is licensed under MIT.

EXAMPLE:

require 'rpam2'

if Rpam2.auth("servicename", "user", "password")
  puts "Authentication successful"
else
  puts "Authentication failed"
end

puts Rpam2.listenv(nil, "user", "password") # uses default (rpam)
puts Rpam2.listenv("servicename", "user", "password")
puts Rpam2.listenv("servicename", "user", "password", true)
puts Rpam2.listenv("servicename", "user", "password", true, "RUSER", "RHOST")
puts Rpam2.listenv("servicename") # error

REQUIREMENTS:

  • pam-dev (except test mode)

  • ruby-dev

INSTALL:

gem install rpam2

or if it should not depend on pam (test mode):

ALLOW_NOPAM=true gem install rpam2

WARNING: Don’t use rpam2 for anything except for tests in this mode. It isn’t safe.

Or manually:

  • gem build rpam2.gemspec

  • gem install ./rpam2-4.0.0.gem

Usage:

require ‘rpam2’

Rpam2.auth(“servicename”, “username”, “password”, [“RUSER”, “RHOST”]) => (true/false)

Rpam2.account(“servicename”, “username”) => (true/false)

Rpam2.getenv(“servicename”, “username”, “password”, “envvar”, [opensession(true/false), [“RUSER”, “RHOST”]]) => (string/nil)

Rpam2.listenv(“servicename”, “username”, “password”, [opensession(true/false), [“RUSER”, “RHOST”]]) => (hash/nil)

Testing:

For test purposes can Rpam2 be filled with fake data. For this mode pam is not neccessary but then you may should not access not specified services. Only services in fake_data are emulated the rest is redirected to real or stub pam (if pam was not available).

Rpam2.fake_data = { usernames: Set[‘alex’, ‘hugo’, ‘thomas’], servicenames: Set[‘service1’, ‘service2’], password: ‘123456’, env: { email: ‘[email protected]’} }