File: cvm.html

package info (click to toggle)
cvm 0.11-2
  • links: PTS
  • area: main
  • in suites: woody
  • size: 492 kB
  • ctags: 215
  • sloc: ansic: 1,777; makefile: 48; sh: 12
file content (53 lines) | stat: -rw-r--r-- 1,933 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
<html>
<body>
<h1>CVM: Credential Validation Module</h1>

<p><a href="protocol.html">CVM Protocol Description</a>
<br><a href="facts.html">CVM Fact Definitions</a>
<br><a href="client.html">CVM Client Library</a>
<br><a href="module.html">CVM Module Library</a>
<br><a href="errors.html">CVM Error Values</a>
<br><a href="rationale.html">CVM Design Rationale</a>
</p>

<p><a href="cvm-checkpassword.html">The cvm-checkpassword Program</a>
<br><a href="cvm-testclient.html">The cvm-testclient Program</a>
<br><a href="cvm-benchclient.html">The cvm-benchclient Program</a>
</p>

<p><a href="cvm-unix.html">The cvm-unix Module</a>
<br><a href="cvm-pwfile.html">The cvm-pwfile Module</a>
<br><a href="cvm-mysql.html">The cvm-mysql Module</a>
<br><a href="cvm-pgsql.html">The cvm-pgsql Module</a>
</p>

<hr>

<p>CVM is a framework for validating a set of credentials against a
database using a filter program.  The modules act as a filter, taking
a set of credentials as input and writing a set of facts as output if
those credentials are valid.  Optional input is given to the module
through environment variables.</p>

<p>Some of the ideas for CVM came from experience with PAM (pluggable
authentication modules), the <a
http="http://cr.yp.to/checkpwd.html">checkpassword</a> interface used
by <tt>qmail-pop3d</tt>, and the "authmod" interface used by Courier
IMAP and POP3.  This framework places fewer restrictions on the
invoking client than checkpassword does, and is much simpler to
implement on both sides than PAM and the authmod framework.</p>

<h2>Contact Modes</h2>

<p>CVM modules may be contacted by one of three modes:<ol>

<li>Command execution: Use a module name of
<tt>cvm-command:/path/to/command</tt>.  The <tt>cvm-command:</tt>
prefix is optional.

<li>UNIX (or local) domain socket:  Use a module name of
<tt>cvm-local:/path/to/socket</tt>.

<li>UDP:  Use a module name of <tt>cvm-udp:hostname:port</tt>.

</ol></p>