we need pam-devel installed on the build machine and then it will automatically go into the "server" package.

validated that auth_pam taken from 10.1.21 server enables pam authentication on centos7.

fixed in 1.0.7-2 build by adding in additional build libraries. These are needed for the mariadb-server that we previously werent building with

gperf libaio-devel libevent-devel python-devel ruby-devel tree wget pam-devel krb5-devel

To verify this the following docs are useful context (ignore user mapping on the 2nd one unless you want to configure that):
https://mariadb.com/kb/en/mariadb/pam-authentication-plugin/
https://mariadb.com/resources/blog/configuring-pam-authentication-and-user-mapping-mariadb

setup steps to test local linux auth as the pam source for centos7

Grant mysql user access to /etc/shadow:
sudo groupadd shadow
sudo usermod -a -G shadow mysql
sudo chown root:shadow /etc/shadow
sudo chmod g+r /etc/shadow

Create /etc/pam.d/mysql:
auth required pam_unix.so
account required pam_unix.so

Restart columnstore so mariadb recognizes group membership

mcsmysql
> INSTALL SONAME 'auth_pam';
>GRANT SELECT ON db.* TO david IDENTIFIED VIA pam

mcsmysql -u david -p

enter unix password for david and should auth succesfully.

dleeyh - can you confirm this on some other platforms and ensure auth_pam.so is installed on each distro?

Appears to be a similar problem to MCOL-591 that auth_pam.so is not included in the server deb file. I'd assume it's the same list, i just checked debian which is missing it, and centos7 rpm which does have it.

packages rebuilt and now have the correct packages