summaryrefslogtreecommitdiff
path: root/modules/pam_rootok/pam_rootok.8
diff options
context:
space:
mode:
Diffstat (limited to 'modules/pam_rootok/pam_rootok.8')
-rw-r--r--modules/pam_rootok/pam_rootok.883
1 files changed, 83 insertions, 0 deletions
diff --git a/modules/pam_rootok/pam_rootok.8 b/modules/pam_rootok/pam_rootok.8
new file mode 100644
index 00000000..83ea8c09
--- /dev/null
+++ b/modules/pam_rootok/pam_rootok.8
@@ -0,0 +1,83 @@
+.\" Title: pam_rootok
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.73.1 <http://docbook.sf.net/>
+.\" Date: 04/16/2008
+.\" Manual: Linux-PAM Manual
+.\" Source: Linux-PAM Manual
+.\"
+.TH "PAM_ROOTOK" "8" "04/16/2008" "Linux-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_rootok - Gain only root access
+.SH "SYNOPSIS"
+.HP 14
+\fBpam_rootok\.so\fR [debug]
+.SH "DESCRIPTION"
+.PP
+pam_rootok is a PAM module that authenticates the user if their
+\fIUID\fR
+is
+\fI0\fR\. Applications that are created setuid\-root generally retain the
+\fIUID\fR
+of the user but run with the authority of an enhanced effective\-UID\. It is the real
+\fIUID\fR
+that is checked\.
+.SH "OPTIONS"
+.PP
+\fBdebug\fR
+.RS 4
+Print debug information\.
+.RE
+.SH "MODULE SERVICES PROVIDED"
+.PP
+Only the
+\fBauth\fR
+service is supported\.
+.SH "RETURN VALUES"
+.PP
+PAM_SUCCESS
+.RS 4
+The
+\fIUID\fR
+is
+\fI0\fR\.
+.RE
+.PP
+PAM_AUTH_ERR
+.RS 4
+The
+\fIUID\fR
+is
+\fBnot\fR
+\fI0\fR\.
+.RE
+.SH "EXAMPLES"
+.PP
+In the case of the
+\fBsu\fR(1)
+application the historical usage is to permit the superuser to adopt the identity of a lesser user without the use of a password\. To obtain this behavior with PAM the following pair of lines are needed for the corresponding entry in the
+\fI/etc/pam\.d/su\fR
+configuration file:
+.sp
+.RS 4
+.nf
+# su authentication\. Root is granted access by default\.
+auth sufficient pam_rootok\.so
+auth required pam_unix\.so
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBsu\fR(1),
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_rootok was written by Andrew G\. Morgan, <morgan@kernel\.org>\.