Skip to content

Turning a Raspberry Pi into a PAM

Jump to bottom
Matthew Martin edited this page Mar 16, 2020 · 13 revisions

This is an initial attempt to document how we have set up our Raspberry Pis to act as PAM appliances.

Note the instructions below should be valid for Raspbian based on Stretch and Buster

List of Parts

  • Raspberry Pi 3 B+
  • HifiBerry digi i/o or HifiBerry DAC+ ADC
  • Official Raspberry Pi Touchscreen
  • SmartiPi Touch case
  • Raspberry Pi PSU
  • SDHD Card
  • Latest version of Raspbian

Setup instructions

Install Raspbian as instructed.

Boot the Pi and follow the on screen instructions to enter the initial settings and update the installed software to the latest version

Allow SSH

Setup basic user

Open a terminal session

Create a new user called pam

sudo adduser pam

Set password to something sensible

Add user to group netdev

sudo adduser pam netdev

Make sure file /etc/dhcpcd/dhcpcd.conf is in group netdev

Change the startup so that user pam is the default login and disable the screen from blanking

Edit /etc/lightdm/lightdm.conf

Change line autologin-user=pi to autologin-user=pam

Find the section [SeatDefaults]

Make sure there is a line like the below (remove any # prefix)

xserver-command=X -s 0 -dpms

Allow application to reboot pi

sudo visudo -f /etc/sudoers

Add the following lines:

  • pam ALL=NOPASSWD:/sbin/shutdown
  • pam ALL=NOPASSWD:/usr/sbin/ntpd
  • pam ALL=NOPASSWD:/bin/mount
  • pam ALL=NOPASSWD:/bin/umount
  • pam ALL=NOPASSWD:/sbin/service

Set Static multicast route

Edit /lib/dhcpcd/dhcpcd-hooks/40-route

Add line

ip route add 224.0.0.0/4 dev eth0

Install application and libraries

Install the libraries and build Pam as described in readme.md Don’t install it though

Make a directory /home/pam/pam

Make a directory /home/pam/pam/bin and copy executables to it

Make a directory /home/pam/pam/lib and copy all libs to it keeping their directory structure

Create soft links

  • ln –s /home/pam/pam/bin/pam2 /usr/local/bin/pam2
  • ln –s /home/pam/pam/lib /usr/local/lib/pam2

Edit /etc/ld.so.conf.d/pam2.conf

Add line

/usr/local/lib/pam2

Save and then type

sudo ldconfig

Startup options

Stop the text messages and remove the raspberries at startup sudo nano \boot\cmdline.txt Make sure the line contains the following logo.nologo quiet console=tty3 splash

Remove the rainbow splash sudo nano \boot\config.txt

Add the line disable_splash=1

Copy splash.png to ** /usr/share/plymouth/themes/pix/splash.png **

Install xterm

sudo apt install xterm

Stop auto-mounting of USB drives

nano /home/pam/.config/pcmanfm/LXDE-pi/pcmanfm.conf

Change all the settings in the ** [volume] ** section to ** 0 **

Extra steps for PTP support

In order to enable PTP support you need to install authbind to allow PAM to access network ports 319 and 320

sudo apt-get install authbind
sudo touch /etc/authbind/byport/319
sudo touch /etc/authbind/byport/320
sudo chown pam /etc/authbind/byport/319
sudo chown pam /etc/authbind/byport/320
sudo chmod u+x /etc/authbind/byport/319
sudo chmod u+x /etc/authbind/byport/320

Set Pi to auto start application

In Stretch edit /home/pam/.config/lxsession/LXDE-pi/autostart

In Buster edit /etc/xdg/lxsession/LXDE-pi/autostart

Add line

@/usr/bin/pam2

Or if wanting PTP support

@/usr/bin/authbind pam2

Remove all other lines

REBOOT

Clone this wiki locally