diff options
Diffstat (limited to 'Linux-PAM/modules/pam_securetty/pam_securetty.8')
-rw-r--r-- | Linux-PAM/modules/pam_securetty/pam_securetty.8 | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/Linux-PAM/modules/pam_securetty/pam_securetty.8 b/Linux-PAM/modules/pam_securetty/pam_securetty.8 new file mode 100644 index 00000000..f37c5710 --- /dev/null +++ b/Linux-PAM/modules/pam_securetty/pam_securetty.8 @@ -0,0 +1,97 @@ +.\" Title: pam_securetty +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.73.1 <http://docbook.sf.net/> +.\" Date: 01/08/2008 +.\" Manual: Linux-PAM Manual +.\" Source: Linux-PAM Manual +.\" +.TH "PAM_SECURETTY" "8" "01/08/2008" "Linux-PAM Manual" "Linux\-PAM Manual" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" +pam_securetty - Limit root login to special devices +.SH "SYNOPSIS" +.HP 17 +\fBpam_securetty\.so\fR [debug] +.SH "DESCRIPTION" +.PP +pam_securetty is a PAM module that allows root logins only if the user is logging in on a "secure" tty, as defined by the listing in +\fI/etc/securetty\fR\. pam_securetty also checks to make sure that +\fI/etc/securetty\fR +is a plain file and not world writable\. +.PP +This module has no effect on non\-root users and requires that the application fills in the +\fBPAM_TTY\fR +item correctly\. +.PP +For canonical usage, should be listed as a +\fBrequired\fR +authentication method before any +\fBsufficient\fR +authentication methods\. +.SH "OPTIONS" +.PP +\fBdebug\fR +.RS 4 +Print debug information\. +.RE +.SH "MODULE SERVICES PROVIDED" +.PP +Only the +\fBauth\fR +service is supported\. +.SH "RETURN VALUES" +.PP +PAM_SUCCESS +.RS 4 +The user is allowed to continue authentication\. Either the user is not root, or the root user is trying to log in on an acceptable device\. +.RE +.PP +PAM_AUTH_ERR +.RS 4 +Authentication is rejected\. Either root is attempting to log in via an unacceptable device, or the +\fI/etc/securetty\fR +file is world writable or not a normal file\. +.RE +.PP +PAM_INCOMPLETE +.RS 4 +An application error occurred\. pam_securetty was not able to get information it required from the application that called it\. +.RE +.PP +PAM_SERVICE_ERR +.RS 4 +An error occurred while the module was determining the user\'s name or tty, or the module could not open +\fI/etc/securetty\fR\. +.RE +.PP +PAM_IGNORE +.RS 4 +The module could not find the user name in the +\fI/etc/passwd\fR +file to verify whether the user had a UID of 0\. Therefore, the results of running this module are ignored\. +.RE +.SH "EXAMPLES" +.PP + +.sp +.RS 4 +.nf +auth required pam_securetty\.so +auth required pam_unix\.so + +.fi +.RE +.sp +.SH "SEE ALSO" +.PP + +\fBsecuretty\fR(5), +\fBpam.conf\fR(5), +\fBpam.d\fR(8), +\fBpam\fR(8) +.SH "AUTHOR" +.PP +pam_securetty was written by Elliot Lee <sopwith@cuc\.edu>\. |