This extension provides a PAM (Pluggable Authentication Modules) integration to ruby. It is inspired by rpam but provides more functionality and is licensed under MIT.
require 'rpam2' if Rpam2.auth("servicename", "user", "password") puts "Authentication successful" else puts "Authentication failed" end puts Rpam2.listenv(nil, "user", "password") # uses default (rpam) puts Rpam2.listenv("servicename", "user", "password") puts Rpam2.listenv("servicename", "user", "password", true) puts Rpam2.listenv("servicename", "user", "password", true, "RUSER", "RHOST") puts Rpam2.listenv("servicename") # error
-
pam-dev (except test mode)
-
ruby-dev
gem install rpam2
or if it should not depend on pam (test mode):
ALLOW_NOPAM=true gem install rpam2
WARNING: Don’t use rpam2 for anything except for tests in this mode. It isn’t safe.
Or manually:
-
gem build rpam2.gemspec
-
gem install ./rpam2-4.0.0.gem
require ‘rpam2’
Rpam2.auth(“servicename”, “username”, “password”, [“RUSER”, “RHOST”]) => (true/false)
Rpam2.account(“servicename”, “username”) => (true/false)
Rpam2.getenv(“servicename”, “username”, “password”, “envvar”, [opensession(true/false), [“RUSER”, “RHOST”]]) => (string/nil)
Rpam2.listenv(“servicename”, “username”, “password”, [opensession(true/false), [“RUSER”, “RHOST”]]) => (hash/nil)
For test purposes can Rpam2 be filled with fake data. For this mode pam is not neccessary but then you may should not access not specified services. Only services in fake_data are emulated the rest is redirected to real or stub pam (if pam was not available).
Rpam2.fake_data = { usernames: Set[‘alex’, ‘hugo’, ‘thomas’], servicenames: Set[‘service1’, ‘service2’], password: ‘123456’, env: { email: ‘me@example.com’} }