summaryrefslogtreecommitdiff
path: root/modules/pam_group/group.conf
diff options
context:
space:
mode:
Diffstat (limited to 'modules/pam_group/group.conf')
-rw-r--r--modules/pam_group/group.conf99
1 files changed, 0 insertions, 99 deletions
diff --git a/modules/pam_group/group.conf b/modules/pam_group/group.conf
deleted file mode 100644
index d4a10672..00000000
--- a/modules/pam_group/group.conf
+++ /dev/null
@@ -1,99 +0,0 @@
-#
-# This is the configuration file for the pam_group module.
-#
-
-#
-# *** Please note that giving group membership on a session basis is
-# *** NOT inherently secure. If a user can create an executable that
-# *** is setgid a group that they are infrequently given membership
-# *** of, they can basically obtain group membership any time they
-# *** like. Example: games are allowed between the hours of 6pm and 6am
-# *** user joe logs in at 7pm writes a small C-program toplay.c that
-# *** invokes their favorite shell, compiles it and does
-# *** "chgrp games toplay; chmod g+s toplay". They are basically able
-# *** to play games any time... You have been warned. AGM
-#
-
-#
-# The syntax of the lines is as follows:
-#
-# services;ttys;users;times;groups
-#
-# white space is ignored and lines maybe extended with '\\n' (escaped
-# newlines). From reading these comments, it is clear that
-# text following a '#' is ignored to the end of the line.
-#
-# the combination of individual users/terminals etc is a logic list
-# namely individual tokens that are optionally prefixed with '!' (logical
-# not) and separated with '&' (logical and) and '|' (logical or).
-#
-# services
-# is a logic list of PAM service names that the rule applies to.
-#
-# ttys
-# is a logic list of terminal names that this rule applies to.
-#
-# users
-# is a logic list of users or a netgroup of users to whom this
-# rule applies.
-#
-# NB. For these items the simple wildcard '*' may be used only once.
-# With netgroups no wildcards or logic operators are allowed.
-#
-# times
-# It is used to indicate "when" these groups are to be given to the
-# user. The format here is a logic list of day/time-range
-# entries the days are specified by a sequence of two character
-# entries, MoTuSa for example is Monday Tuesday and Saturday. Note
-# that repeated days are unset MoMo = no day, and MoWk = all weekdays
-# bar Monday. The two character combinations accepted are
-#
-# Mo Tu We Th Fr Sa Su Wk Wd Al
-#
-# the last two being week-end days and all 7 days of the week
-# respectively. As a final example, AlFr means all days except Friday.
-#
-# Each day/time-range can be prefixed with a '!' to indicate "anything
-# but"
-#
-# The time-range part is two 24-hour times HHMM separated by a hyphen
-# indicating the start and finish time (if the finish time is smaller
-# than the start time it is deemed to apply on the following day).
-#
-# groups
-# The (comma or space separated) list of groups that the user
-# inherits membership of. These groups are added if the previous
-# fields are satisfied by the user's request
-#
-# For a rule to be active, ALL of service+ttys+users must be satisfied
-# by the applying process.
-#
-
-#
-# Note, to get this to work as it is currently typed you need
-#
-# 1. to run an application as root
-# 2. add the following groups to the /etc/group file:
-# floppy, games, sound
-#
-
-#
-# Here is a simple example: running 'xsh' on tty* (any ttyXXX device),
-# the user 'us' is given access to the floppy (through membership of
-# the floppy group)
-#
-
-#xsh;tty*&!ttyp*;us;Al0000-2400;floppy
-
-#
-# another example: running 'xsh' on tty* (any ttyXXX device),
-# the user 'sword' is given access to games (through membership of
-# the floppy group) after work hours
-#
-
-#xsh; tty* ;sword;!Wk0900-1800;games, sound
-#xsh; tty* ;*;Al0900-1800;floppy
-
-#
-# End of group.conf file
-#
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-29 07:08:20 +0000