path: root/modules/pam_stress/README
diff options
authorAndrew G. Morgan <>2000-06-20 22:10:38 +0000
committerAndrew G. Morgan <>2000-06-20 22:10:38 +0000
commitea488580c42e8918445a945484de3c8a5addc761 (patch)
treec992f3ba699caafedfadc16af38e6359c3c24698 /modules/pam_stress/README
Initial revision
Diffstat (limited to 'modules/pam_stress/README')
1 files changed, 66 insertions, 0 deletions
diff --git a/modules/pam_stress/README b/modules/pam_stress/README
new file mode 100644
index 00000000..74a297b2
--- /dev/null
+++ b/modules/pam_stress/README
@@ -0,0 +1,66 @@
+# $Id$
+# This describes the behavior of this module with respect to the
+# /etc/pam.conf file.
+# writen by Andrew Morgan <>
+This module recognizes the following arguments.
+debug put lots of information in syslog.
+ *NOTE* this option writes passwords to syslog, so
+ don't use anything sensitive when testing.
+no_warn don't give warnings about things (otherwise warnings are issued
+ via the conversation function)
+use_first_pass don't prompt for a password, for pam_sm_authentication
+ function just use item PAM_AUTHTOK.
+try_first_pass don't prompt for a password unless there has been no
+ previous authentication token (item PAM_AUTHTOK is NULL)
+rootok This is intended for the pam_sm_chauthtok function and
+ it instructs this function to permit root to change
+ the user's password without entering the old password.
+The following arguments are acted on by the module. They are intended
+to make the module give the impression of failing as a fully
+functioning module might.
+expired an argument intended for the account and chauthtok module
+ parts. It instructs the module to act as if the user's
+ password has expired
+fail_1 this instructs the module to make its first function fail.
+fail_2 this instructs the module to make its second function (if there
+ is one) fail.
+ The function break up is indicated in the Module
+ Developers' Guide. Listed here it is:
+ service function 1 function 2
+ ------- ---------- ----------
+ auth pam_sm_authenticate pam_sm_setcred
+ password pam_sm_chauthtok
+ session pam_sm_open_session pam_sm_close_session
+ account pam_sm_acct_mgmt
+prelim for pam_sm_chauthtok, means fail on PAM_PRELIM_CHECK.
+required for pam_sm_chauthtok, means fail if the user hasn't already
+ been authenticated by this module. (See stress_new_pwd data
+ item below.)
+# data strings that this module uses are the following:
+data name value(s) Comments
+--------- -------- --------
+stress_new_pwd yes tells pam_sm_chauthtok that
+ pam_sm_acct_mgmt says we need a new
+ password