You are viewing the documentation for a prerelease version. View Latest

pam_userdb

pam_userdb is a PAM module to authenticate against a db database. It is used to verify a username/password pair against values stored in a key/data pairs style database (i.e. Berkeley DB, GDBM). The database is indexed by the username, and the data fields corresponding to the username keys are the passwords. This module is most notably used in vsftpd environments.

Recently, pam_userdb switched its database provider from Berkeley DB to GDBM. If your system uses this module to authenticate users you need to convert the database to the new format.

Determining whether you are using pam_userdb

The way to determine if you are using pam_userdb, is to check the PAM stack:

$ grep -r pam_userdb /etc/pam.d/
/etc/pam.d/vsftpd:auth         sufficient      pam_userdb.so db=/etc/vsftpd/login

If you are not using pam_userdb, then the search will return no values and you don’t have to do anything.

Converting the database

libdb package contains a binary that will handle the conversion for you. You only need to run it by providing the source and destination database files:. Example:

$ db_converter --src /etc/vsftpd/login.db --dest /etc/vsftpd/login.gdbm

Additional Resources

Want to help? Learn how to contribute to Fedora Docs ›