summaryrefslogtreecommitdiff
path: root/modules/pam_deny/README
diff options
context:
space:
mode:
Diffstat (limited to 'modules/pam_deny/README')
-rw-r--r--modules/pam_deny/README31
1 files changed, 31 insertions, 0 deletions
diff --git a/modules/pam_deny/README b/modules/pam_deny/README
new file mode 100644
index 00000000..6b3a86f8
--- /dev/null
+++ b/modules/pam_deny/README
@@ -0,0 +1,31 @@
+pam_deny — The locking-out PAM module
+
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+
+DESCRIPTION
+
+This module can be used to deny access. It always indicates a failure to the
+application through the PAM framework. It might be suitable for using for
+default (the OTHER) entries.
+
+EXAMPLES
+
+#%PAM-1.0
+#
+# If we don't have config entries for a service, the
+# OTHER entries are used. To be secure, warn and deny
+# access to everything.
+other auth required pam_warn.so
+other auth required pam_deny.so
+other account required pam_warn.so
+other account required pam_deny.so
+other password required pam_warn.so
+other password required pam_deny.so
+other session required pam_warn.so
+other session required pam_deny.so
+
+
+AUTHOR
+
+pam_deny was written by Andrew G. Morgan <morgan@kernel.org>
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-19 19:07:12 +0000