diff options
Diffstat (limited to 'Linux-PAM/modules/pam_wheel/pam_wheel.8')
-rw-r--r-- | Linux-PAM/modules/pam_wheel/pam_wheel.8 | 127 |
1 files changed, 0 insertions, 127 deletions
diff --git a/Linux-PAM/modules/pam_wheel/pam_wheel.8 b/Linux-PAM/modules/pam_wheel/pam_wheel.8 deleted file mode 100644 index 7da719a3..00000000 --- a/Linux-PAM/modules/pam_wheel/pam_wheel.8 +++ /dev/null @@ -1,127 +0,0 @@ -.\" Title: pam_wheel -.\" Author: -.\" Generator: DocBook XSL Stylesheets v1.73.1 <http://docbook.sf.net/> -.\" Date: 01/08/2008 -.\" Manual: Linux-PAM Manual -.\" Source: Linux-PAM Manual -.\" -.TH "PAM_WHEEL" "8" "01/08/2008" "Linux-PAM Manual" "Linux\-PAM Manual" -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.SH "NAME" -pam_wheel - Only permit root access to members of group wheel -.SH "SYNOPSIS" -.HP 13 -\fBpam_wheel\.so\fR [debug] [deny] [group=\fIname\fR] [root_only] [trust] [use_uid] -.SH "DESCRIPTION" -.PP -The pam_wheel PAM module is used to enforce the so\-called -\fIwheel\fR -group\. By default it permits root access to the system if the applicant user is a member of the -\fIwheel\fR -group\. If no group with this name exist, the module is using the group with the group\-ID -\fB0\fR\. -.SH "OPTIONS" -.PP -\fBdebug\fR -.RS 4 -Print debug information\. -.RE -.PP -\fBdeny\fR -.RS 4 -Reverse the sense of the auth operation: if the user is trying to get UID 0 access and is a member of the wheel group (or the group of the -\fBgroup\fR -option), deny access\. Conversely, if the user is not in the group, return PAM_IGNORE (unless -\fBtrust\fR -was also specified, in which case we return PAM_SUCCESS)\. -.RE -.PP -\fBgroup=\fR\fB\fIname\fR\fR -.RS 4 -Instead of checking the wheel or GID 0 groups, use the -\fB\fIname\fR\fR -group to perform the authentication\. -.RE -.PP -\fBroot_only\fR -.RS 4 -The check for wheel membership is done only\. -.RE -.PP -\fBtrust\fR -.RS 4 -The pam_wheel module will return PAM_SUCCESS instead of PAM_IGNORE if the user is a member of the wheel group (thus with a little play stacking the modules the wheel members may be able to su to root without being prompted for a passwd)\. -.RE -.PP -\fBuse_uid\fR -.RS 4 -The check for wheel membership will be done against the current uid instead of the original one (useful when jumping with su from one account to another for example)\. -.RE -.SH "MODULE SERVICES PROVIDED" -.PP -The -\fBauth\fR -and -\fBaccount\fR -services are supported\. -.SH "RETURN VALUES" -.PP -PAM_AUTH_ERR -.RS 4 -Authentication failure\. -.RE -.PP -PAM_BUF_ERR -.RS 4 -Memory buffer error\. -.RE -.PP -PAM_IGNORE -.RS 4 -The return value should be ignored by PAM dispatch\. -.RE -.PP -PAM_PERM_DENY -.RS 4 -Permission denied\. -.RE -.PP -PAM_SERVICE_ERR -.RS 4 -Cannot determine the user name\. -.RE -.PP -PAM_SUCCESS -.RS 4 -Success\. -.RE -.PP -PAM_USER_UNKNOWN -.RS 4 -User not known\. -.RE -.SH "EXAMPLES" -.PP -The root account gains access by default (rootok), only wheel members can become root (wheel) but Unix authenticate non\-root applicants\. -.sp -.RS 4 -.nf -su auth sufficient pam_rootok\.so -su auth required pam_wheel\.so -su auth required pam_unix\.so - -.fi -.RE -.sp -.SH "SEE ALSO" -.PP - -\fBpam.conf\fR(5), -\fBpam.d\fR(8), -\fBpam\fR(8) -.SH "AUTHOR" -.PP -pam_wheel was written by Cristian Gafton <gafton@redhat\.com>\. |