~hrvojem/percona-pam-for-mysql/theme-makefile

« back to all changes in this revision

Viewing changes to doc/source/manual.rst

Committer: Laurynas Biveinis
Date: 2011-11-14 13:59:59 UTC
mfrom: (13.1.3 docs)
Revision ID: laurynas.biveinis@percona.com-20111114135959-4jxfjsd0yynvlyy6

Merge lp:~stewart/percona-pam-for-mysql/basic-docs

files modified:
doc/source/faq.rst

doc/source/index.rst

doc/source/installation.rst

doc/source/manual.rst

Show diffs side-by-side

added added

removed removed

doc/source/manual.rst

:maxdepth: 1

:hidden:

Manual goes here.

Configuring PAM for MySQL

=========================

You will need to configure PAM on your system for how it should authenticate for MySQL. A simple setup can be to use the standard UNIX authentication method.

*NOTE:* Using pam_unix means the MySQL Server needs to read the `/etc/shadow` file, which usually means it has to be run as `root` - usually not a recommended configuration.

A sample `/etc/pam.d/mysqld` file: ::

auth required pam_unix.so

account required pam_unix.so

For added information in the system log, you can expand it to be: ::

auth required pam_warn.so

auth required pam_unix.so audit

account required pam_unix.so audit

Creating A User

===============

You will need to execute `CREATE USER` with specifying the PAM plugin. For example: ::

CREATE USER 'username'@'host' IDENTIFIED WITH auth_pam_server;

This creates a user `username` that can connect from `host` and will be authenticated using the PAM plugin. If you are using the `pam_unix` method in PAM (or similar) you will need to have an account for `username` existing on the system.

Older »