Skip to content

Turning a Raspberry Pi into a PAM

Jump to bottom
Matthew Martin edited this page Jan 28, 2020 · 13 revisions

This is an initial attempt to document how we have set up our Raspberry Pis to act as PAM appliances.

Note the instructions below should be valid for Raspbian based on Stretch and Buster

List of Parts

  • Raspberry Pi 3 B+
  • HifiBerry digi i/o or HifiBerry DAC+ ADC
  • Official Raspberry Pi Touchscreen
  • SmartiPi Touch case
  • Raspberry Pi PSU
  • SDHD Card
  • Latest version of Raspbian

Setup instructions

Install Raspbian as instructed.

Boot the Pi and follow the on screen instructions to enter the initial settings and update the installed software to the latest version

Allow SSH

Setup basic user

Open a terminal session

Create a new user called pam

sudo adduser pam

Set password to something sensible

Add user to group netdev

sudo adduser pam netdev

Make sure file /etc/dhcpcd/dhcpcd.conf is in group netdev

Change the startup so that user pam is the default login and disable the screen from blanking

Edit /etc/lightdm/lightdm.conf

Change line autologin-user=pi to autologin-user=pam

Find the section [SeatDefaults]

Make sure there is a line like the below (remove any # prefix)

xserver-command=X -s 0 -dpms

Allow application to reboot pi

sudo visudo -f /etc/sudoers

Add the following lines:

  • pam ALL=NOPASSWD:/sbin/shutdown
  • pam ALL=NOPASSWD:/usr/sbin/ntpd
  • pam ALL=NOPASSWD:/bin/mount
  • pam ALL=NOPASSWD:/bin/umount
  • pam ALL=NOPASSWD:/sbin/service

Set Static multicast route

Edit /lib/dhcpcd/dhcpcd-hooks/40-route

Add line

ip route add 224.0.0.0/4 dev eth0

Install application and libraries

Install the libraries and build Pam as described in readme.md Don’t install it though

Make a directory /home/pam/pam

Make a directory /home/pam/pam/bin and copy executables to it

Make a directory /home/pam/pam/lib and copy all libs to it keeping their directory structure

Create soft links

  • ln –s /home/pam/pam/bin/pam2 /usr/bin/pam2
  • ln –s /home/pam/pam/lib /usr/lib/pam2

Edit /etc/ld.so.conf.d/pam2.conf

Add line

/usr/lib/pam2

Save and then type

sudo ldconfig

• Copy splash.png to /usr/share/plymouth/themes/pix/splash.png

Extra steps for PTP support

In order to enable PTP support you need to install authbind to allow PAM to access network ports 319 and 320

` sudo apt-get install authbind

sudo cat /etc/authbind/byport/319

sudo cat /etc/authbind/byport/320

sudo chown pam /etc/authbind/byport/319

sudo chown pam /etc/authbind/byport/320

sudo chmod u+x /etc/authbind/byport/319

sudo chmod u+x /etc/authbind/byport/320 `

Set Pi to auto start application

Edit /home/pam/.config/lxsession/LXDE-pi/autostart

Add line

@/usr/bin/pam2

Or if wanting PTP support

@/usr/bin/authbind pam2

Remove all other lines

REBOOT

Clone this wiki locally