Fedora Core: PAM_abl Module installation help
I have limited knowledge of Linux and need to install the pam_abl module on a Fedora Core Linux used as a web server. The server is configured to use sendmail (and maybe postfix) as the Mail Transfer Agent. The pam_abl module would seem to solve the problem of repeated failed login attempts by malicious attacks. My goal is to fix this problem as soon as possible.
Not having much experience with Linux short of really basic exploration and simple commands, I am not certain what I need to do to install the module. Nor where the components need to be installed. Some files have comment lines indicating where they (should) need to be placed in the Linux directoy tree:
The package came with the following items: (I have recreated a tree view of these and my notes in colors as I can decipher)
------------------------------------------------
AUTHORS ...documentation only...no coding
conf/
.....pam_abl.conf ...config, db paths file
.....system-auth ...path listing
.....CVS/
..........Entries
..........Repository
..........Root
config.c ...C++ code files (functions,etc)
COPYING ...documentation only...no coding
Copyright ...documentation only...no coding
CVS/
.....Entries
.....Repository
.....Root
deps ...C++ code files (functions,etc)
doc/
.....copying.html
.....index.html
.....pam_abl.html
.....style.css
.....CVS/
..........Entries
..........Repository
..........Root
log.c ...C++ code files (functions,etc)
Makefile
NEWS ...documentation only...no coding
pam_abl.c ...C++ code files (functions,etc)
pam_abl.h ...C++ code files (functions,etc)
README ...documentation only...no coding
rule.c ...C++ code files (functions,etc)
THANKS ...documentation only...no coding
tools/
.....config.c ...C++ code files (functions,etc)
.....deps ...C++ code files (functions,etc)
.....log.c ...C++ code files (functions,etc)
.....Makefile
.....pam_abl.c ...C++ code files (functions,etc)
.....pam_abl.h ...C++ code files (functions,etc)
.....rule.c ...C++ code files (functions,etc)
.....CVS/
..........Entries
..........Repository
..........Root
------------------------------------------------
My proble lies in where to put these files. The only one that I can be sure of is pam_abl.conf because a comment line in the file implies it should be "/etc/security/pam_abl.conf". (The documentation files are not in question, but do not address my concerns either.) Is there a standard method to this tree. Are all these subflders with the "/etc/security" directory or are they scattered through other directories such as "/etc/mail". I would assume the system-auth file should be in the same directory as pam_abl.conf. What about the other files? All the ".c" files such as rules.c appear to be in the "/tools" subdirectory as well. Are two copies required, or is only one necessary? Does it belong in the same directory as pam_abl.conf, or in a "/tools" subdirectory?
The contents of the /etc/security/pam_abl.conf file are:
# /etc/security/pam_abl.conf
# debug
host_db=/var/lib/abl/hosts.db
host_purge=2d
host_rule=*:10/1h,30/1d
user_db=/var/lib/abl/users.db
user_purge=2d
user_rule=!root:10/1h,30/1d
I understand the rules (like "!root:10/1h,30/1d"), but is the location of the host_db and user_db a requirement? neither of the database files (host or user) exist, and neither does the "abl" directory. I can make the directory with no problem. But, do I need to create these ".db" files too, and if so, is there a required format to the data here? Is there a macro that makes them? Which file(s) does Makefile actually make?
If any one would be kind enough to walk me through a module installation, I would be greatful. Please remember that I am a newbie to the Linux system, but the Linux system is already live with a few domains attached. So I can't simply not bother with it. Thank you in advance for any time and help.
Last edited by empororvader; 11-13-2006 at 06:37 PM.
|