Warning, /plasma/kscreenlocker/README.pam is written in an unsupported language. File is not indexed. 

0001 KScrenLocker and PAM
0002 --------------------
0003 
0004 KScreenLocker can be configured to support the PAM ("Pluggable Authentication
0005 Modules") system for password checking (for unlocking the display).
0006 
0007 PAM is a flexible application-transparent configurable user-authentication 
0008 system found on FreeBSD, Solaris, and Linux (and maybe other unixes).
0009 
0010 Information about PAM may be found on its homepage
0011       http://www.kernel.org/pub/linux/libs/pam/
0012 (Despite the location, this information is NOT Linux-specific.)
0013 
0014 
0015 Known Solaris Issues:
0016 --------------------
0017 
0018 For compiling PAM support on Solaris, PAM_MESSAGE_CONST must NOT
0019 be defined. This should now be handled automatically by the
0020 configure script.
0021 
0022 
0023 Using PAM
0024 ---------
0025 
0026 By default, PAM is automatically used, if it is found.
0027 
0028 If PAM is found, Plasma by default uses the PAM service "kde". You may
0029 override it for KScreenLocker by using -DKSCREENLOCKER_PAM_SERVICE=<service>.
0030 
0031 A valid PAM service definition must be specified, either by installing
0032 files into /etc/pam.d/ or by adding service configuration to /etc/pam.conf.
0033 
0034 Either a valid "kde" service must be installed (or copied from the "login"
0035 service), or an alternative service must be specified using one of the
0036 definitions above.  If the service is misconfigured, you will NOT be able
0037 to unlock a locked screen!
0038 
0039 If there is ever any doubt about which PAM service a program was
0040 compiled with, it can be determined by examining the PAM-generated 
0041 entries in the system log associated with KScreenLocker authentication
0042 failures.
0043 
0044 PAM configuration files have four types of entries for each service,
0045 however KScreenLocker only uses the "auth" entries.  Other programs
0046 using PAM may use other entries.
0047 
0048 There may be more than one entry of each type. Check existing PAM
0049 configuration files and PAM documentation on your system for guidance as
0050 to what entries to make.  If you call a PAM service that is not
0051 configured, the default action of PAM is likely to be denial of service.
0052 
0053 Note: Screen lockers typically only authenticate a user to allow her to
0054 continue working. They may also renew tokens etc., where supported.
0055 See the Linux PAM Administrators guide, which is part of the PAM
0056 distribution, for more details. 
0057 
0058