PAM Configuration
Describes how to use PAM to verify passwords.
MapR uses Pluggable Authentication Modules (PAM) for password verification in
a variety of places. Make sure PAM is installed and configured on the node running the
mapr-webserver
, or other components that will use PAM to verify
passwords.
There are typically several PAM modules (profiles), configurable via configuration files in
the /etc/pam.d/
directory. Any component verifying user passwords tries
the following three profiles in order:
- sudo (
/etc/pam.d/sudo
) - sshd (
/etc/pam.d/sshd
) - mapr-admin (If you have created the
/etc/pam.d/mapr-admin
profile and the component checks beyond the first two profiles.)
The profile configuration file (for example, /etc/pam.d/sudo
) should
contain an entry corresponding to the authentication scheme used by your system. For
example, if you are using the simplest form of local OS authentication, check for an entry
similar to the following - consult with your Unix system administrator if you are
uncertain:
auth sufficient pam_unix.so # For local OS Auth
Component-Specific PAM Configurations
Some ecosystem components have unique requirements that require setup of a component-specific PAM configuration. See the Ecosystem Guide for the component.