That recipe shows how to configure redmine to use PAM authentication. It includes the PAM authentication plugin code.


  • a working redmine installation
  • libpam0g-dev (debian package)
  • rpam (gem)

Install dependences

$ sudo aptitude install libpam0g-dev
$ sudo gem install rpam

Testing rpam

Write that in a auth.rb file:


require 'rubygems'
require 'rpam'
include Rpam

user = ARGV[0]
system "stty -echo"
pass = STDIN.gets.strip
system "stty echo"

if authpam(user, pass) == true
      puts "Authenticate Successful"
      puts "Authenticate Failure"

And run it with:

$ ruby ./auth.rb peter
{write password here}
Authenticate Successful

The plugin

Following the instruction of Alternative (custom) Authentication HowTo, I wrote that trivial (but working) plugin:

[ auth_source_pam.rb]

require 'rubygems'
require 'rpam'
include Rpam

class AuthSourcePam < AuthSource

  def authenticate(login, password)
    logger.debug "replacement PAM auth called" if logger && logger.debug?

    return nil if login.blank? or password.blank? or not authpam(login, password)

    return [:firstname => login]

  def auth_method_name


Put that file in /usr/share/redmine/app/models/ (in the case of Debian)

Register the plugin

Like the Authentication HowTo say, you must insert a record in the auth_sources database table. I use sqlite3 so in my case I did:

$ sqlite3 /var/lib/dbconfig-common/sqlite3/redmine/instances/default/redmine_default
sqlite> insert into auth_sources values (NULL, 'AuthSourcePam', 'Pam', 'localhost', 1, 'user', 'pass', 'app', 'name', 'firstname', 'lastname', 'email', 1, 0);

Selecting authentication method

Now, you must restart redmine and go to the user administration page. In the “Authentication” section there is now a new option called “Authentication mode” and you may select among “internal” or “Pam”. That is all.



I’m sorry if the plugin code contains errors, but it is my very first Ruby program. Please, comment if you have some suggestion or problem.


blog comments powered by Disqus