diff options
Diffstat (limited to 'modules/pam_securetty/pam_securetty.8')
| -rw-r--r-- | modules/pam_securetty/pam_securetty.8 | 98 |
1 files changed, 98 insertions, 0 deletions
diff --git a/modules/pam_securetty/pam_securetty.8 b/modules/pam_securetty/pam_securetty.8 new file mode 100644 index 00000000..2364a312 --- /dev/null +++ b/modules/pam_securetty/pam_securetty.8 @@ -0,0 +1,98 @@ +.\" Copyright (C) 2003 International Business Machines Corp. +.\" This file is distributed according to the GNU General Public License. +.\" See the file COPYING in the top level source directory for details. +.\" +.de Sh \" Subsection +.br +.if t .Sp +.ne 5 +.PP +\fB\\$1\fR +.PP +.. +.de Sp \" Vertical space (when we can't use .PP) +.if t .sp .5v +.if n .sp +.. +.de Ip \" List item +.br +.ie \\n(.$>=3 .ne \\$3 +.el .ne 3 +.IP "\\$1" \\$2 +.. +.TH "PAM_SECURETTY" 8 "2003-02-21" "Linux 2.4" "System Administrator's Manual" +.SH NAME +pam_securetty \- Limits root to logging in on devices listed in /etc/securetty +.SH "SYNOPSIS" +.ad l +.hy 0 + +/usr/security/pam_securetty +.sp +.ad +.hy + +.SH "DESCRIPTION" + +.PP +\fBpam_securetty\fR is a PAM module that allows root logins only if the +user is logging in on a "secure" tty, as defined by the listing in +\fI/etc/securetty\fR. +\fBpam_securetty\fR also checks to make sure that \fI/etc/securetty\fR +is a plain file and not world writable. + +.PP +This module has no effect on non-root users. + +.SH "OPTIONS" +.PP +\fBpam_securetty\fR has no options. + +.SH "RETURN CODES" +.PP +\fBpam_securetty\fR has the following return codes: +.TP +PAM_SUCCESS +The user is allowed to continue authentication. +Either the user is not root, or the root user is trying to log in on +an acceptable device. + +.TP +PAM_AUTH_ERR +Authentication is rejected. +Either root is attempting to log in via an unacceptable device, +or the \fI/etc/securetty\fR file is world writable or not a normal file. + +.TP +PAM_INCOMPLETE +An application error occurred. \fBpam_securetty\fR was not able to get +information it required from the application that called it. + +.TP +PAM_SERVICE_ERR +An error occurred while the module was determining the user's name or tty, +or the module could not open \fI/etc/securetty\fR. + +.TP +PAM_IGNORE +The module could not find the user name in the +\fI/etc/passwd\fR file to verify whether the user had a UID of 0. +Therefore, the results of running this module are ignored. + +.SH "HISTORY" + +.PP +\fBpam_securetty\fR was written by Elliot Lee. + +.SH "FILES" + +.PP + \fI/etc/securetty\fR + +.SH "SEE ALSO" + +.PP +\fBpam.conf\fR(8), \fBpam.d\fR(8), \fBpam\fR(8), \fBsecuretty\fR(8). + +.SH AUTHOR +Emily Ratliff. |