Hi, me and Pavel Reichl were developing pam_hbac and today we tagged our first release.
pam_hbac is a standalone PAM module for enforcing HBAC access control defined on an FreeIPA server. It is meant as a solution for platforms that do not ship with SSSD like Solaris or for setups where you can't use id_provider=ipa, like Amazon Linux or RHEL-5 machines using the compat tree. The project is being developed on github: https://github.com/jhrozek/pam_hbac You can grab the first release here: https://github.com/jhrozek/pam_hbac/releases Pavel and I also wrote a introductory blog post to get you started: https://jhrozek.wordpress.com/2016/05/26/pam_hbac-a-pam-module-to-enforce-ipa-access-control-rules/ Enjoy! -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project