PAM-modules Manual (split by section):   Section:   Chapter:FastBack: sql   Up: sql   FastForward: ldaphome   Contents: Table of ContentsIndex: Concept Index

6.4 Using SQL modules for session management.

Both pam_mysql and pam_pgsql can be used for session management. This makes it possible to use your SQL database instead of system wtmp/utmp files, or as a complement to them.

To enable SQL session management, the configuration file must define the following two variables:

session-start-query query

Defines the query to be executed when the session begins.

session-stop-query query

Defines the query to be executed when the session ends.

Before executing, both queries are subject to item expansion (see item expansion).

As an example, consider the following configuration file statements:

session-start-query INSERT INTO acct \
                    (status, username, tty, starttime) \
                    VALUES(0, '$user', now(), '$tty')
session-stop-query  UPDATE acct \
                    SET status=1,
                        sessiontime=age(now(), starttime) \
                    WHERE username='$user'

They assume that the PostgreSQL table ‘acct’ has the following structure:

status int

Status of the record: ‘0’ if the session is active, ‘1’ if it is closed.

username varchar(32)

User name.

tty varchar(16)

TTY from where the user logged in.

starttime timestamp

Time when the session was started.

sessiontime interval

Duration of the session if status=1.

PAM-modules Manual (split by section):   Section:   Chapter:FastBack: sql   Up: sql   FastForward: ldaphome   Contents: Table of ContentsIndex: Concept Index