3.5. Technical Details of Authentication

You only need to read this section if you think you are having authentication difficulties. It explains how authentication is done depending on the method you chose. Authentication is concerned with verifying that a particular username and password is valid for a given user on your platform. The installation script gives various authentication choices and a default value. The default value is usually the one that you'll need as it is based on your previous selection of the operating system being used. A good rule of thumb though is, if your operating system has working PAM authentication then use it.

The various other authentication choices are either platform specific (e.g. for AIX and HP-UX) or more general. Most of the time you'll be able to use to following options but see the notes below.

For AIX and HP-UX the above are the only possible choices.

If the above options do not work or you have a different operating system then here is a description of the possible choices which will hopefully guide you in selecting the correct one. Many will work with NIS (e.g. shadow, rshadow).

noshadow

In general this is used if your system has a /etc/passwd file which contains encrypted passwords and only a getpwnam() system call (man getpwnam). It is also used by early versions of MacOSX which had an unusual authentication system.

rnoshadow

This can be used if your system has a /etc/passwd file which contains encrypted passwords and your system has the re-entrant getpwnam_r() call (man getpwnam_r).

shadow

This can be used if your system has an /etc/shadow file (or equivalent) and your /etc/passwd file therefore does not contain encrypted passwords. It is used when you have the getspnam() and getpwnam() system calls (man getspnam, man getpwnam).

rshadow

This is the re-entrant version of shadow password access. It can be used if your system has a /etc/shadow file (or equivalent) and your /etc/passwd file therefore does not contain encrypted passwords. If your platform has both the getspnam_r() and the getpwnam_r() re-entrant system calls then use this option (man getspnam_r, man getpwnam_r).

PAM

This is the preferred choice if your operating system has working PAM authentication set up. One of the above options may also work.

aixshadow

This is solely for AIX systems. It uses the getuserpw() and getpwnam() system calls.

hpuxshadow

This is solely for HP-UX systems. It uses the getspnam() and getpwnam_r() system calls. It also checks for 'trusted' setups with the iscomsec() system call.

If your system fits into none of the above categories then the authentication will not work. You should then contact the EMBOSS developers (emboss-bug@emboss.open-bio.org), preferably with details of which system calls your platform uses for authentication. Hopefully, it will be possible to incorporate your system's authentication scheme into the EMBOSS distribution.