Connecting CODESYS PLC User Management to Linux User Management via PAM
The native Linux user management can be used as a backend for the CODESYS PLC user management (database). In this way, you can use the existing Linux users and groups for PLC user management within CODESYS.
CODESYS Control for Linux SL
CODESYS Control for Linux ARM SL
CODESYS Control for Linux ARM64 SL
CODESYS Virtual Control for Linux SL
CODESYS Virtual Control for Linux ARM SL
CODESYS Virtual Control for Linux ARM64 SL
The PAM libraries must be installed on the Linux system (
libpam.so).The CODESYS controller must be configured to use the PAM backend (see Step 5 in the instruction below).
Note
The user and group backend is "read-only". Therefore, no data from the CODESYS user management is written to the Linux user management. You cannot add or remove Linux users and Linux groups. However, you can add, remove, or change the permissions of these users and groups in the CODESYS user management.
Stop the runtime environment, for example via f the Deploy Tool.
Add the Linux user group
codesyscontroladminto your system, for example via the following command.(ssh):sudo groupadd codesyscontroladminAdd the user to this group who you want to use for the initial installation (
<username>), for example via the following command.(ssh):sudo usermod -aG codesyscontroladmin <username>
Log in again via
sshand use thegroupscommand to check that the group has been added correctly. The groupcodesyscontroladminshould be included in this list.Configure the PAM backend.
Edit the
cfgfile and change the following section, or add the section if it does not already exist:[CmpUserMgr] UserDBBackend=0x0000007A UserDBConfigBackend=0 UserGroupsDBBackend=0x0000007A UserGroupsDBConfigBackend=0
Then restart the runtime environment.
Now you can log in to your PLC from CODESYS and use this Linux user name (
<username>) and the corresponding Linux password for the initial setup.