Skip to content
Snippets Groups Projects
Unverified Commit 53129dab authored by Nik | Klampfradler's avatar Nik | Klampfradler
Browse files

Rename to nss-pam-webapi

parent 832d9e4a
No related branches found
No related tags found
No related merge requests found
......@@ -9,7 +9,7 @@ build:
- apt-get -y install libjq-dev libonig-dev libpam0g-dev
script:
- cargo build --release
- strip target/release/libnss_pam_oidc.so
- strip target/release/libnss_pam_webapi.so
artifacts:
paths:
- target/release/libnss_pam_oidc.so
- target/release/libnss_pam_webapi.so
[package]
name = "nss_pam_oidc"
name = "nss_pam_webapi"
version = "0.1.0"
authors = ["Dominik George <dominik.george@teckids.org>"]
edition = "2018"
description = "NSS/PAM modules for OpenID Connect/OAuth2"
repository = "https://edugit.org/lanki.cloud/glue/nss-pam-oidc"
description = "NSS/PAM modules for use with Web APIs (OAuth 2.0, REST)"
repository = "https://edugit.org/lanki.cloud/glue/nss-pam-webapi"
license = "Apache-2.0"
categories = ["authentication", "os", "os::linux-apis"]
[lib]
name = "nss_pam_oidc"
name = "nss_pam_webapi"
crate-type = [ "cdylib" ]
[dependencies]
......
# NSS/PAM modules for OpenID Connect/OAuth2
# NSS/PAM modules for use with Web APIs (OAuth 2.0, REST)
`nss-pam-oidc` is a multi-purpose shared library that links Linux
`nss-pam-webapi` is a multi-purpose shared library that links Linux
system authentication (PAM) and name resolution for users and groups
(NSS) to an OAuth2 API.
It is "multi-purpose" because it builds a single shared object file
exposing both the APIs of PAM and NSS. It can be used:
* in `/lib/security/pam_oidc.so` as PAM module
* in `/lib/libnss_oidc.so` as NSS database module
* in `/sbin/nss_pam_oidc_cached` as caching daemon to speed up requests
* in `/lib/security/pam_webapi.so` as PAM module
* in `/lib/libnss_webapi.so` as NSS database module
* in `/sbin/nss_pam_webapi_cached` as caching daemon to speed up requests
## System authentication (PAM module)
......@@ -100,7 +100,7 @@ It can only be used if the OAuth server used supports refresh tokens
so will break name resolution once the access token expires until
the user logs in anew).
## Caching daemon (`nss_pam_oidc_cached`)
## Caching daemon (`nss_pam_webapi_cached`)
The caching daemon is a system service that periodically keeps data
from the API up to date. It handles the following data:
......
......@@ -3,12 +3,12 @@ auth_url = "https://ticdesk-dev.teckids.org/oauth/authorize/"
token_url = "https://ticdesk-dev.teckids.org/oauth/token/"
[pam]
# You might want to put these into a separate file nss_pam_oidc.secret.toml!
# You might want to put these into a separate file nss_pam_webapi.secret.toml!
client_id = "Df1cpPEBsbG64oZ1Q1L8NetH1UKNBUyA5qhxg1Zh"
client_secret = ""
[nss]
# You might want to put these into a separate file nss_pam_oidc.secret.toml!
# You might want to put these into a separate file nss_pam_webapi.secret.toml!
client_id = "z8Oz0tG56QRo9QEPUZTs5Eda410FMiJtYxlInxKE"
client_secret = ""
......
const BASE_NAME: &str = "nss_pam_oidc";
const BASE_NAME: &str = "nss_pam_webapi";
// Modules and macro imports for our own code
#[macro_use] extern crate log;
......
......@@ -157,4 +157,4 @@ impl PasswdHooks for OidcPasswd {
}
}
libnss_passwd_hooks!(oidc, OidcPasswd);
libnss_passwd_hooks!(webapi, OidcPasswd);
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment