Configuring a Pluggable Authentication Module (PAM) for UNIX

Set up Event Stream Processor to support username and password (Native OS) login using accounts on the UNIX operating system.

  1. Using a login account with root privileges, configure the pluggable authentication module for your platform:
    Platform Action
    Solaris Append the contents of the <Install-dir>/ESP-5_1/security/pam/pam.conf file (provided with Event Stream Processor) to the /etc/pam.conf file on your Solaris platform.
    Linux

    If you are installing on RHEL 6, copy the <Install-dir>/ESP-5_1/security/pam/rhel6/sybase-csi file (provided with Event Stream Processor) to the /etc/pam.d directory on your Linux platform.

    For previous versions of RHEL, copy the <Install-dir>/ESP-5_1/security/pam/sybase-csi file (provided with Event Stream Processor) to the /etc/pam.d directory on your Linux platform.

    Note: The sybase-csi file provided with Sybase Control Center is not compatible with the most recent SUSE Linux versions. For SUSE 11 and later, see the example at the end of this topic.
    Note: In the table above, the portion of the path that indicates the operating system might differ slightly from what is shown.
  2. If the host UNIX system is not using a directory lookup for authentication (yp or NIS, for example) and authentication is carried out against the local /etc/passwd file, change the permissions on /etc/shadow to provide read access to the login account that executes Event Stream Processor.

Example: PAM for SUSE Linux 11 and later

For SUSE 11 and later, do not use the sybase-csi file provided with Event Stream Processor. Instead, in your /etc/pam.d directory, create a sybase-csi file that contains: 
# sybase-csi PAM Configuration (SUSE style)
auth       include      common-auth
account    include      common-account
password   include      common-password
session    include      common-session
Parent topic: Security in Event Stream Processor