Skip to content

Commit

Permalink
Formatting
Browse files Browse the repository at this point in the history
  • Loading branch information
@kuon
kuon committed Aug 19, 2020
1 parent 3af5652 commit 501e6f6
Showing 1 changed file with 40 additions and 36 deletions.
76 changes: 40 additions & 36 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,42 +18,46 @@ arbitrary vendor attributes.
#### Flow example

```
+-----------------+----------------------+---------------------+------------------------+-----------------------------------------+
| User | Linux System | NSS Module | PAM Module | Radius Server |
+=================+======================+=====================+========================+=========================================+
| Enters login | ----> | | | |
+-----------------+----------------------+---------------------+------------------------+-----------------------------------------+
| | <---- | Map the request | | |
| | | to the default user | | |
+-----------------+----------------------+---------------------+------------------------+-----------------------------------------+
| <---- | Requests password | | | |
+-----------------+----------------------+---------------------+------------------------+-----------------------------------------+
| Enters password | ----> | | | |
+-----------------+----------------------+---------------------+------------------------+-----------------------------------------+
| | Auth user | | ----> | |
+-----------------+----------------------+---------------------+------------------------+-----------------------------------------+
| | | | Check the credentials | ----> |
| | | | (username, password) | |
| | | | with the Radius server | |
+-----------------+----------------------+---------------------+------------------------+-----------------------------------------+
| | | | <---- | Validate user and if valid, |
| | | | | returns the requested vendor attributes |
+-----------------+----------------------+---------------------+------------------------+-----------------------------------------+
| | | <---- | Save the user | |
| | | | details in the NSS db | |
+-----------------+----------------------+---------------------+------------------------+-----------------------------------------+
| | <---- | | Allow or deny user | |
+-----------------+----------------------+---------------------+------------------------+-----------------------------------------+
| <---- | Start `radius_shell` | | | |
+-----------------+----------------------+---------------------+------------------------+-----------------------------------------+
| | `radius_shell` | ----> | | |
| | checks the NSS DB | | | |
| | before spawing the | | | |
| | real user shell | | | |
+-----------------+----------------------+---------------------+------------------------+-----------------------------------------+
| <---- | Start real shell | | | |
| | after `setuid` | | | |
+-----------------+----------------------+---------------------+------------------------+-----------------------------------------+
+-----------------+----------------------+-----------------+------------------------+------------------+
| User | Linux System | NSS Module | PAM Module | Radius Server |
+=================+======================+=================+========================+==================+
| Enters login | ----> | | | |
+-----------------+----------------------+-----------------+------------------------+------------------+
| | <---- | Map the request | | |
| | | to the default | | |
| | | user | | |
+-----------------+----------------------+-----------------+------------------------+------------------+
| <---- | Requests password | | | |
+-----------------+----------------------+-----------------+------------------------+------------------+
| Enters password | ----> | | | |
+-----------------+----------------------+-----------------+------------------------+------------------+
| | Auth user | | ----> | |
+-----------------+----------------------+-----------------+------------------------+------------------+
| | | | Check the credentials | ----> |
| | | | (username, password) | |
| | | | with the Radius server | |
+-----------------+----------------------+-----------------+------------------------+------------------+
| | | | <---- | Validate user |
| | | | | and if valid, |
| | | | | returns the |
| | | | | requested vendor |
| | | | | attributes |
+-----------------+----------------------+-----------------+------------------------+------------------+
| | | <---- | Save the user | |
| | | | details in the NSS db | |
+-----------------+----------------------+-----------------+------------------------+------------------+
| | <---- | | Allow or deny user | |
+-----------------+----------------------+-----------------+------------------------+------------------+
| <---- | Start `radius_shell` | | | |
+-----------------+----------------------+-----------------+------------------------+------------------+
| | `radius_shell` | ----> | | |
| | checks the NSS DB | | | |
| | before spawing the | | | |
| | real user shell | | | |
+-----------------+----------------------+-----------------+------------------------+------------------+
| <---- | Start real shell | | | |
| | after `setuid` | | | |
+-----------------+----------------------+-----------------+------------------------+------------------+
```


Expand Down

0 comments on commit 501e6f6

Please sign in to comment.