diff options
Diffstat (limited to 'modules/pam_securetty/pam_securetty.8')
-rw-r--r-- | modules/pam_securetty/pam_securetty.8 | 147 |
1 files changed, 67 insertions, 80 deletions
diff --git a/modules/pam_securetty/pam_securetty.8 b/modules/pam_securetty/pam_securetty.8 index 2364a312..f72e611f 100644 --- a/modules/pam_securetty/pam_securetty.8 +++ b/modules/pam_securetty/pam_securetty.8 @@ -1,98 +1,85 @@ -.\" Copyright (C) 2003 International Business Machines Corp. -.\" This file is distributed according to the GNU General Public License. -.\" See the file COPYING in the top level source directory for details. +.\" Title: pam_securetty +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Date: 06/04/2006 +.\" Manual: Linux\-PAM Manual +.\" Source: Linux\-PAM Manual .\" -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "PAM_SECURETTY" 8 "2003-02-21" "Linux 2.4" "System Administrator's Manual" -.SH NAME -pam_securetty \- Limits root to logging in on devices listed in /etc/securetty -.SH "SYNOPSIS" +.TH "PAM_SECURETTY" "8" "06/04/2006" "Linux\-PAM Manual" "Linux\-PAM Manual" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) .ad l -.hy 0 - -/usr/security/pam_securetty -.sp -.ad -.hy - +.SH "NAME" +pam_securetty \- Limit root login to special devices +.SH "SYNOPSIS" +.HP 17 +\fBpam_securetty.so\fR [debug] .SH "DESCRIPTION" - .PP -\fBpam_securetty\fR is a PAM module that allows root logins only if the -user is logging in on a "secure" tty, as defined by the listing in -\fI/etc/securetty\fR. -\fBpam_securetty\fR also checks to make sure that \fI/etc/securetty\fR +pam_securetty is a PAM module that allows root logins only if the user is logging in on a "secure" tty, as defined by the listing in +\fI/etc/securetty\fR. pam_securetty also checks to make sure that +\fI/etc/securetty\fR is a plain file and not world writable. - .PP -This module has no effect on non-root users. - -.SH "OPTIONS" +This module has no effect on non\-root users and requires that the application fills in the +\fBPAM_TTY\fR +item correctly. .PP -\fBpam_securetty\fR has no options. - -.SH "RETURN CODES" +For canonical usage, should be listed as a +\fBrequired\fR +authentication method before any +\fBsufficient\fR +authentication methods. +.SH "OPTIONS" +.TP 3n +\fBdebug\fR +Print debug information. +.SH "MODULE SERVICES PROVIDED" .PP -\fBpam_securetty\fR has the following return codes: -.TP +Only the +\fBauth\fR +service is supported. +.SH "RETURN VALUES" +.TP 3n PAM_SUCCESS -The user is allowed to continue authentication. -Either the user is not root, or the root user is trying to log in on -an acceptable device. - -.TP +The user is allowed to continue authentication. Either the user is not root, or the root user is trying to log in on an acceptable device. +.TP 3n PAM_AUTH_ERR -Authentication is rejected. -Either root is attempting to log in via an unacceptable device, -or the \fI/etc/securetty\fR file is world writable or not a normal file. - -.TP +Authentication is rejected. Either root is attempting to log in via an unacceptable device, or the +\fI/etc/securetty\fR +file is world writable or not a normal file. +.TP 3n PAM_INCOMPLETE -An application error occurred. \fBpam_securetty\fR was not able to get -information it required from the application that called it. - -.TP +An application error occurred. pam_securetty was not able to get information it required from the application that called it. +.TP 3n PAM_SERVICE_ERR -An error occurred while the module was determining the user's name or tty, -or the module could not open \fI/etc/securetty\fR. - -.TP +An error occurred while the module was determining the user's name or tty, or the module could not open +\fI/etc/securetty\fR. +.TP 3n PAM_IGNORE -The module could not find the user name in the -\fI/etc/passwd\fR file to verify whether the user had a UID of 0. -Therefore, the results of running this module are ignored. - -.SH "HISTORY" - +The module could not find the user name in the +\fI/etc/passwd\fR +file to verify whether the user had a UID of 0. Therefore, the results of running this module are ignored. +.SH "EXAMPLES" .PP -\fBpam_securetty\fR was written by Elliot Lee. - -.SH "FILES" - -.PP - \fI/etc/securetty\fR +.sp +.RS 3n +.nf +auth required pam_securetty.so +auth required pam_unix.so + +.fi +.RE +.sp .SH "SEE ALSO" - .PP -\fBpam.conf\fR(8), \fBpam.d\fR(8), \fBpam\fR(8), \fBsecuretty\fR(8). -.SH AUTHOR -Emily Ratliff. +\fBsecuretty\fR(5), +\fBpam.conf\fR(5), +\fBpam.d\fR(8), +\fBpam\fR(8) +.SH "AUTHOR" +.PP +pam_securetty was written by Elliot Lee <sopwith@cuc.edu>. |