[
https://issues.apache.org/jira/browse/RANGER-842?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15146258#comment-15146258
]
Bolke de Bruin commented on RANGER-842:
---------------------------------------
Ok I updated the patch to make it a bit more user friendly. [~rmani] see below
for the steps how to activate. Please note that due to missing header files
(and maybe libraries) on rangerqa-jenkins the build will fail. I don't know how
to solve this. "pam-devel" or "pam-dev" are the required packages.
* set ranger.authentication.method to PAM .
* create /etc/pam.d/ranger-remote (not configurable)
* create /etc/pam.d/ranger-admin (configurable)
* set ranger.pam.service property to "ranger-admin" (standard) or the name you
configured above
> Allow PAM for authentication
> ----------------------------
>
> Key: RANGER-842
> URL: https://issues.apache.org/jira/browse/RANGER-842
> Project: Ranger
> Issue Type: Improvement
> Components: admin
> Affects Versions: 0.5.1, 0.6.0
> Reporter: Bolke de Bruin
> Labels: authentication, security
> Fix For: 0.5.1, 0.6.0
>
> Attachments: 0002-RANGER-842-pam-authentication.patch
>
>
> Ranger currently uses shadow based authentication if configured for unix
> authentication. This way of authenticating is somewhat outdated as any recent
> Linux system (and many of the BSDs) have PAM available. PAM allows multiple
> authentication sources and also does authorization.
> Ranger should be able to use PAM for authentication
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
