summaryrefslogtreecommitdiff
path: root/Linux-PAM/modules/pam_securetty/pam_securetty.8
diff options
context:
space:
mode:
Diffstat (limited to 'Linux-PAM/modules/pam_securetty/pam_securetty.8')
-rw-r--r--Linux-PAM/modules/pam_securetty/pam_securetty.897
1 files changed, 97 insertions, 0 deletions
diff --git a/Linux-PAM/modules/pam_securetty/pam_securetty.8 b/Linux-PAM/modules/pam_securetty/pam_securetty.8
new file mode 100644
index 00000000..f37c5710
--- /dev/null
+++ b/Linux-PAM/modules/pam_securetty/pam_securetty.8
@@ -0,0 +1,97 @@
+.\" Title: pam_securetty
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.73.1 <http://docbook.sf.net/>
+.\" Date: 01/08/2008
+.\" Manual: Linux-PAM Manual
+.\" Source: Linux-PAM Manual
+.\"
+.TH "PAM_SECURETTY" "8" "01/08/2008" "Linux-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_securetty - Limit root login to special devices
+.SH "SYNOPSIS"
+.HP 17
+\fBpam_securetty\.so\fR [debug]
+.SH "DESCRIPTION"
+.PP
+pam_securetty is a PAM module that allows root logins only if the user is logging in on a "secure" tty, as defined by the listing in
+\fI/etc/securetty\fR\. pam_securetty also checks to make sure that
+\fI/etc/securetty\fR
+is a plain file and not world writable\.
+.PP
+This module has no effect on non\-root users and requires that the application fills in the
+\fBPAM_TTY\fR
+item correctly\.
+.PP
+For canonical usage, should be listed as a
+\fBrequired\fR
+authentication method before any
+\fBsufficient\fR
+authentication methods\.
+.SH "OPTIONS"
+.PP
+\fBdebug\fR
+.RS 4
+Print debug information\.
+.RE
+.SH "MODULE SERVICES PROVIDED"
+.PP
+Only the
+\fBauth\fR
+service is supported\.
+.SH "RETURN VALUES"
+.PP
+PAM_SUCCESS
+.RS 4
+The user is allowed to continue authentication\. Either the user is not root, or the root user is trying to log in on an acceptable device\.
+.RE
+.PP
+PAM_AUTH_ERR
+.RS 4
+Authentication is rejected\. Either root is attempting to log in via an unacceptable device, or the
+\fI/etc/securetty\fR
+file is world writable or not a normal file\.
+.RE
+.PP
+PAM_INCOMPLETE
+.RS 4
+An application error occurred\. pam_securetty was not able to get information it required from the application that called it\.
+.RE
+.PP
+PAM_SERVICE_ERR
+.RS 4
+An error occurred while the module was determining the user\'s name or tty, or the module could not open
+\fI/etc/securetty\fR\.
+.RE
+.PP
+PAM_IGNORE
+.RS 4
+The module could not find the user name in the
+\fI/etc/passwd\fR
+file to verify whether the user had a UID of 0\. Therefore, the results of running this module are ignored\.
+.RE
+.SH "EXAMPLES"
+.PP
+
+.sp
+.RS 4
+.nf
+auth required pam_securetty\.so
+auth required pam_unix\.so
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBsecuretty\fR(5),
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_securetty was written by Elliot Lee <sopwith@cuc\.edu>\.