summaryrefslogtreecommitdiff
path: root/modules/pam_securetty
diff options
context:
space:
mode:
authorThorsten Kukuk <kukuk@thkukuk.de>2005-08-16 12:27:38 +0000
committerThorsten Kukuk <kukuk@thkukuk.de>2005-08-16 12:27:38 +0000
commit23624ea6f78ec8acc167a2491c00998907fc76b1 (patch)
treea57b3caee23a167d442d7d4e0419c4689dfba565 /modules/pam_securetty
parent2b5457bbf7352200f7bc77795adbbcfd47550855 (diff)
Relevant BUGIDs: none
Purpose of commit: new feature Commit summary: --------------- Big "automake/autoconf/libtool" commit
Diffstat (limited to 'modules/pam_securetty')
-rw-r--r--modules/pam_securetty/Makefile15
-rw-r--r--modules/pam_securetty/Makefile.am20
-rw-r--r--modules/pam_securetty/pam_securetty.898
3 files changed, 118 insertions, 15 deletions
diff --git a/modules/pam_securetty/Makefile b/modules/pam_securetty/Makefile
deleted file mode 100644
index 9b80d2e9..00000000
--- a/modules/pam_securetty/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id$
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_securetty
-
-include ../Simple.Rules
diff --git a/modules/pam_securetty/Makefile.am b/modules/pam_securetty/Makefile.am
new file mode 100644
index 00000000..cfa1611c
--- /dev/null
+++ b/modules/pam_securetty/Makefile.am
@@ -0,0 +1,20 @@
+#
+# Copyright (c) 2005 Thorsten Kukuk <kukuk@suse.de>
+#
+
+CLEANFILES = *~
+
+EXTRA_DIST = README $(MANS)
+
+man_MANS = pam_securetty.8
+
+securelibdir = $(SECUREDIR)
+secureconfdir = $(SCONFIGDIR)
+
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -I$(top_srcdir)/modules/pammodutil/include/
+AM_LDFLAGS = -avoid-version -module \
+ -L$(top_builddir)/modules/pammodutil -lpammodutil \
+ -L$(top_builddir)/libpam -lpam
+
+securelib_LTLIBRARIES = pam_securetty.la
diff --git a/modules/pam_securetty/pam_securetty.8 b/modules/pam_securetty/pam_securetty.8
new file mode 100644
index 00000000..2364a312
--- /dev/null
+++ b/modules/pam_securetty/pam_securetty.8
@@ -0,0 +1,98 @@
+.\" Copyright (C) 2003 International Business Machines Corp.
+.\" This file is distributed according to the GNU General Public License.
+.\" See the file COPYING in the top level source directory for details.
+.\"
+.de Sh \" Subsection
+.br
+.if t .Sp
+.ne 5
+.PP
+\fB\\$1\fR
+.PP
+..
+.de Sp \" Vertical space (when we can't use .PP)
+.if t .sp .5v
+.if n .sp
+..
+.de Ip \" List item
+.br
+.ie \\n(.$>=3 .ne \\$3
+.el .ne 3
+.IP "\\$1" \\$2
+..
+.TH "PAM_SECURETTY" 8 "2003-02-21" "Linux 2.4" "System Administrator's Manual"
+.SH NAME
+pam_securetty \- Limits root to logging in on devices listed in /etc/securetty
+.SH "SYNOPSIS"
+.ad l
+.hy 0
+
+/usr/security/pam_securetty
+.sp
+.ad
+.hy
+
+.SH "DESCRIPTION"
+
+.PP
+\fBpam_securetty\fR is a PAM module that allows root logins only if the
+user is logging in on a "secure" tty, as defined by the listing in
+\fI/etc/securetty\fR.
+\fBpam_securetty\fR also checks to make sure that \fI/etc/securetty\fR
+is a plain file and not world writable.
+
+.PP
+This module has no effect on non-root users.
+
+.SH "OPTIONS"
+.PP
+\fBpam_securetty\fR has no options.
+
+.SH "RETURN CODES"
+.PP
+\fBpam_securetty\fR has the following return codes:
+.TP
+PAM_SUCCESS
+The user is allowed to continue authentication.
+Either the user is not root, or the root user is trying to log in on
+an acceptable device.
+
+.TP
+PAM_AUTH_ERR
+Authentication is rejected.
+Either root is attempting to log in via an unacceptable device,
+or the \fI/etc/securetty\fR file is world writable or not a normal file.
+
+.TP
+PAM_INCOMPLETE
+An application error occurred. \fBpam_securetty\fR was not able to get
+information it required from the application that called it.
+
+.TP
+PAM_SERVICE_ERR
+An error occurred while the module was determining the user's name or tty,
+or the module could not open \fI/etc/securetty\fR.
+
+.TP
+PAM_IGNORE
+The module could not find the user name in the
+\fI/etc/passwd\fR file to verify whether the user had a UID of 0.
+Therefore, the results of running this module are ignored.
+
+.SH "HISTORY"
+
+.PP
+\fBpam_securetty\fR was written by Elliot Lee.
+
+.SH "FILES"
+
+.PP
+ \fI/etc/securetty\fR
+
+.SH "SEE ALSO"
+
+.PP
+\fBpam.conf\fR(8), \fBpam.d\fR(8), \fBpam\fR(8), \fBsecuretty\fR(8).
+
+.SH AUTHOR
+Emily Ratliff.