diff options
Diffstat (limited to 'Linux-PAM/modules/pam_nologin/pam_nologin.8')
-rw-r--r-- | Linux-PAM/modules/pam_nologin/pam_nologin.8 | 110 |
1 files changed, 110 insertions, 0 deletions
diff --git a/Linux-PAM/modules/pam_nologin/pam_nologin.8 b/Linux-PAM/modules/pam_nologin/pam_nologin.8 new file mode 100644 index 00000000..8d5d1742 --- /dev/null +++ b/Linux-PAM/modules/pam_nologin/pam_nologin.8 @@ -0,0 +1,110 @@ +.\" Title: pam_nologin +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.73.1 <http://docbook.sf.net/> +.\" Date: 01/08/2008 +.\" Manual: Linux-PAM Manual +.\" Source: Linux-PAM Manual +.\" +.TH "PAM_NOLOGIN" "8" "01/08/2008" "Linux-PAM Manual" "Linux\-PAM Manual" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" +pam_nologin - Prevent non-root users from login +.SH "SYNOPSIS" +.HP 15 +\fBpam_nologin\.so\fR [file=\fI/path/nologin\fR] [successok] +.SH "DESCRIPTION" +.PP +pam_nologin is a PAM module that prevents users from logging into the system when +\fI/etc/nologin\fR +exists\. The contents of the +\fI/etc/nologin\fR +file are displayed to the user\. The pam_nologin module has no effect on the root user\'s ability to log in\. +.SH "OPTIONS" +.PP +\fBfile=\fR\fB\fI/path/nologin\fR\fR +.RS 4 +Use this file instead the default +\fI/etc/nologin\fR\. +.RE +.PP +\fBsuccessok\fR +.RS 4 +Return PAM_SUCCESS if no file exists, the default is PAM_IGNORE\. +.RE +.SH "MODULE SERVICES PROVIDED" +.PP +The +\fBauth\fR +and +\fBacct\fR +services are supported\. +.SH "RETURN VALUES" +.PP +PAM_AUTH_ERR +.RS 4 +The user is not root and +\fI/etc/nologin\fR +exists, so the user is not permitted to log in\. +.RE +.PP +PAM_BUF_ERR +.RS 4 +Memory buffer error\. +.RE +.PP +PAM_IGNORE +.RS 4 +This is the default return value\. +.RE +.PP +PAM_SUCCESS +.RS 4 +Success: either the user is root or the +\fI/etc/nologin\fR +file does not exist\. +.RE +.PP +PAM_USER_UNKNOWN +.RS 4 +User not known to the underlying authentication module\. +.RE +.SH "EXAMPLES" +.PP +The suggested usage for +\fI/etc/pam\.d/login\fR +is: +.sp +.RS 4 +.nf +auth required pam_nologin\.so + +.fi +.RE +.sp +.SH "NOTES" +.PP +In order to make this module effective, all login methods should be secured by it\. It should be used as a +\fIrequired\fR +method listed before any +\fIsufficient\fR +methods in order to get standard Unix nologin semantics\. Note, the use of +\fBsuccessok\fR +module argument causes the module to return +\fIPAM_SUCCESS\fR +and as such would break such a configuration \- failing +\fIsufficient\fR +modules would lead to a successful login because the nologin module +\fIsucceeded\fR\. +.SH "SEE ALSO" +.PP + +\fBnologin\fR(5), +\fBpam.conf\fR(5), +\fBpam.d\fR(8), +\fBpam\fR(8) +.SH "AUTHOR" +.PP +pam_nologin was written by Michael K\. Johnson <johnsonm@redhat\.com>\. |