diff options
Diffstat (limited to 'modules/pam_securetty/pam_securetty.8.xml')
-rw-r--r-- | modules/pam_securetty/pam_securetty.8.xml | 37 |
1 files changed, 28 insertions, 9 deletions
diff --git a/modules/pam_securetty/pam_securetty.8.xml b/modules/pam_securetty/pam_securetty.8.xml index 48215f5f..e49d572b 100644 --- a/modules/pam_securetty/pam_securetty.8.xml +++ b/modules/pam_securetty/pam_securetty.8.xml @@ -31,9 +31,12 @@ <para> pam_securetty is a PAM module that allows root logins only if the user is logging in on a "secure" tty, as defined by the listing - in <filename>/etc/securetty</filename>. pam_securetty also checks - to make sure that <filename>/etc/securetty</filename> is a plain - file and not world writable. It will also allow root logins on + in the <filename>securetty</filename> file. pam_securetty checks at + first, if <filename>/etc/securetty</filename> exists. If not and + it was built with vendordir support, it will use + <filename>%vendordir%/securetty</filename>. pam_securetty also + checks that the <filename>securetty</filename> files are plain + files and not world writable. It will also allow root logins on the tty specified with <option>console=</option> switch on the kernel command line and on ttys from the <filename>/sys/class/tty/console/active</filename>. @@ -73,7 +76,7 @@ Do not automatically allow root logins on the kernel console device, as specified on the kernel command line or by the sys file, if it is not also specified in the - <filename>/etc/securetty</filename> file. + <filename>securetty</filename> file. </para> </listitem> </varlistentry> @@ -106,18 +109,34 @@ <para> Authentication is rejected. Either root is attempting to log in via an unacceptable device, or the - <filename>/etc/securetty</filename> file is world writable or + <filename>securetty</filename> file is world writable or not a normal file. </para> </listitem> </varlistentry> <varlistentry> + <term>PAM_BUF_ERR</term> + <listitem> + <para> + Memory buffer error. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>PAM_CONV_ERR</term> + <listitem> + <para> + The conversation method supplied by the application + failed to obtain the username. + </para> + </listitem> + </varlistentry> + <varlistentry> <term>PAM_INCOMPLETE</term> <listitem> <para> - An application error occurred. pam_securetty was not able - to get information it required from the application that - called it. + The conversation method supplied by the application + returned PAM_CONV_AGAIN. </para> </listitem> </varlistentry> @@ -127,7 +146,7 @@ <para> An error occurred while the module was determining the user's name or tty, or the module could not open - <filename>/etc/securetty</filename>. + the <filename>securetty</filename> file. </para> </listitem> </varlistentry> |