Pluggable Authentication Modules for Linux
The first technology we're going to discuss is Pluggable Authentication Modules (PAM) for Linux, which is a set of libraries that offers a single point of authentication for Linux-based operating systems. This is effectively the backend upon which privilege escalating utilities within the system will hand over the responsibility of authentication in a dynamic and configurable fashion. System administrators are able to modify the way different sessions and services authenticate the system using module configurations. Through the use of modules, PAM makes each of the following authentication functions separately configurable:
Account management
Authentication management
Password management
Session management
OpenShift uses this mechanism and has developed a custom PAM module that assists in providing the multitenant nature of OpenShift gears.
Note
The source code for the OpenShift PAM module is also available as part of the origin-server Git repository found...
