Configure wlauth for UNIX security realms

The wlauth program runs setuid root. You need root permissions to modify the ownership and file attributes on the wlauth program and to set up the PAM configuration file for wlauth.

To set up the wlauth program for the UNIX security realm:

If WebLogic Server is installed on a network drive, copy the wlauth file to a file system on the computer that executes WebLogic Server, for example, the /usr/sbin directory. The wlauth file is in the weblogic/server/native/solaris/sparc directory.
As the root user, run the following commands to change the wlauth owner and permissions: # chown root wlauth # chmod +xs wlauth
Set up the PAM configuration for wlauth.
On Solaris, add the following lines to your /etc/pam.conf file:
```
# Setup for WebLogic authentication on Solaris machines  
#  
wlauth auth required      /usr/lib/security/pam_unix.so.1   
wlauth password required  /usr/lib/security/pam_unix.so.1   
wlauth account required   /usr/lib/security/pam_unix.so.1
```
On Linux, create a file called /etc/pam.d/wlauth containing the following:
```
#%PAM-1.0  
#  
# File name:  
# 
/etc/pam.d/wlauth   
#  
# If you do not use shadow passwords, delete "shadow".  
auth required     /lib/security/pam_pwdb.so shadow  
account required  /lib/security/pam_pwdb.so
```
Note: Omitshadow if you are not using shadow passwords.

If wlauth is not in the WebLogic Server path or if you have given the program a name other than wlauth, you must add a Java command-line property when you start WebLogic Server. Edit the script you use to start WebLogic Server and add the following option after the java command:
```
-Dweblogic.security.unixrealm.authProgram=wlauth_prog
```
Replace wlauth_prog with the name of the wlauth program, including the full path if the program is not in the search path. Start WebLogic Server. If the wlauth program is in the WebLogic Server path and is named wlauth, this step is not needed.