summaryrefslogtreecommitdiff
path: root/modules/pam_wheel/README
diff options
context:
space:
mode:
authorAndrew G. Morgan <morgan@kernel.org>2000-06-20 22:10:38 +0000
committerAndrew G. Morgan <morgan@kernel.org>2000-06-20 22:10:38 +0000
commitea488580c42e8918445a945484de3c8a5addc761 (patch)
treec992f3ba699caafedfadc16af38e6359c3c24698 /modules/pam_wheel/README
Initial revision
Diffstat (limited to 'modules/pam_wheel/README')
-rw-r--r--modules/pam_wheel/README33
1 files changed, 33 insertions, 0 deletions
diff --git a/modules/pam_wheel/README b/modules/pam_wheel/README
new file mode 100644
index 00000000..336bb31e
--- /dev/null
+++ b/modules/pam_wheel/README
@@ -0,0 +1,33 @@
+
+pam_wheel:
+ only permit root authentication too members of wheel group
+
+RECOGNIZED ARGUMENTS:
+ debug write a message to syslog indicating success or
+ failure.
+
+ use_uid the check for wheel membership will be done against
+ the current uid instead of the original one
+ (useful when jumping with su from one account to
+ another for example)
+
+ trust the pam_wheel module will return PAM_SUCCESS instead
+ of PAM_IGNORE if the user is a member of the wheel
+ group (thus with a little play stacking the modules
+ the wheel members may be able to su to root without
+ being prompted for a passwd).
+
+ deny Reverse the sense of the auth operation: if the user
+ is trying to get UID 0 access and is a member of the
+ wheel group, deny access (well, kind of nonsense, but
+ for use in conjunction with 'group' argument... :-)
+
+ group=xxxx Instead of checking the GID 0 group, use the xxxx
+ group to perform the authentification.
+
+MODULE SERVICES PROVIDED:
+ auth _authetication and _setcred (blank)
+
+AUTHOR:
+ Cristian Gafton <gafton@sorosis.ro>
+