diff options
| author | Thorsten Kukuk <kukuk@thkukuk.de> | 2006-06-04 12:11:15 +0000 |
|---|---|---|
| committer | Thorsten Kukuk <kukuk@thkukuk.de> | 2006-06-04 12:11:15 +0000 |
| commit | 5ab868cf378dd507deb5d65d48adab2cfaec2472 (patch) | |
| tree | ba57cf3de1c4686537497ce189c90f3f873d599a /modules/pam_rootok/pam_rootok.8 | |
| parent | 161f0b1576ce70384aeb006a1cdbc8a11971db0a (diff) | |
Relevant BUGIDs:
Purpose of commit: new feature
Commit summary:
---------------
2006-06-04 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_rootok/Makefile.am: Include Make.xml.rules.
* modules/pam_rootok/pam_rootok.8.xml: New.
* modules/pam_rootok/pam_rootok.8: New, generated from xml file.
* modules/pam_rootok/README.xml: New.
* modules/pam_rootok/README: Regenerated from xml file.
Diffstat (limited to 'modules/pam_rootok/pam_rootok.8')
| -rw-r--r-- | modules/pam_rootok/pam_rootok.8 | 77 |
1 files changed, 77 insertions, 0 deletions
diff --git a/modules/pam_rootok/pam_rootok.8 b/modules/pam_rootok/pam_rootok.8 new file mode 100644 index 00000000..b1436f79 --- /dev/null +++ b/modules/pam_rootok/pam_rootok.8 @@ -0,0 +1,77 @@ +.\" Title: pam_rootok +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Date: 06/04/2006 +.\" Manual: Linux\-PAM Manual +.\" Source: Linux\-PAM Manual +.\" +.TH "PAM_ROOTOK" "8" "06/04/2006" "Linux\-PAM Manual" "Linux\-PAM Manual" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" +pam_rootok \- Gain only root access +.SH "SYNOPSIS" +.HP 14 +\fBpam_rootok.so\fR [debug] +.SH "DESCRIPTION" +.PP +pam_rootok is a PAM module that authenticates the user if their +\fIUID\fR +is +\fI0\fR. Applications that are created setuid\-root generally retain the +\fIUID\fR +of the user but run with the authority of an enhanced effective\-UID. It is the real +\fIUID\fR +that is checked. +.SH "OPTIONS" +.TP 3n +\fBdebug\fR +Print debug information. +.SH "MODULE SERVICES PROVIDED" +.PP +Only the +\fBauth\fR +service is supported. +.SH "RETURN VALUES" +.TP 3n +PAM_SUCCESS +The +\fIUID\fR +is +\fI0\fR. +.TP 3n +PAM_AUTH_ERR +The +\fIUID\fR +is +\fBnot\fR +\fI0\fR. +.SH "EXAMPLES" +.PP +In the case of the +\fBsu\fR(1) +application the historical usage is to permit the superuser to adopt the identity of a lesser user without the use of a password. To obtain this behavior with PAM the following pair of lines are needed for the corresponding entry in the +\fI/etc/pam.d/su\fR +configuration file: +.sp +.RS 3n +.nf +# su authentication. Root is granted access by default. +auth sufficient pam_rootok.so +auth required pam_unix.so + +.fi +.RE +.sp +.SH "SEE ALSO" +.PP + +\fBsu\fR(1), +\fBpam.conf\fR(5), +\fBpam.d\fR(8), +\fBpam\fR(8) +.SH "AUTHOR" +.PP +pam_rootok was written by Andrew G. Morgan, <morgan@kernel.org>. |