...
This script reads the following environment variables:
PAM_USER | The system user for whom the PAM operation is running |
PAM_AUTHTOK | The user's password (in case of a password change operation, the new password) |
PAM_SERVICE | The service that invoked PAM (e.g. sshd when the user is attempting to log in through SSH) |
This script checks, first, if it is running as root or not (the PAM stack does not necessary run as root, but as the user as which the service that invoked it is running). If it is, it proceeds to encrypt the user's password (${PAM_AUTHTOK}) and update it in the 'value' column of the 'radcheck' table in the 'radius' MySQL database
Installation
Replication of production setup
...