engine startup daemon security

On Solaris™ and Linux® systems, the esd uses pluggable authentication modules (PAM) to authenticate users. The PAM service name is cmsynergy. So the esd can authenticate users, the PAM configuration must be updated to specify the authentication methods to use for the cmsynergy service, unless a reasonable default exists.

The following are sample additions to a Solaris /etc/pam.conf file:

cmsynergy         auth       required    pam_unix_auth.so.1
cmsynergy         account    required    pam_unix_account.so.1

The following are sample additions to a Linux® /etc/pam.d/cmsynergy file:

auth           required   /lib/security/pam_stack.so 
service=system-auth
auth           required   /lib/security/pam_nologin.so
account        required   /lib/security/pam_stack.so 
service=system-auth

AIX® has its own configuration scheme instead of using PAM. AIX® authentication is through its base operating system.

For additional information about configuring PAM, see your system documentation.


Feedback