summaryrefslogtreecommitdiff
path: root/modules/pam_succeed_if/README
diff options
context:
space:
mode:
Diffstat (limited to 'modules/pam_succeed_if/README')
-rw-r--r--modules/pam_succeed_if/README124
1 files changed, 0 insertions, 124 deletions
diff --git a/modules/pam_succeed_if/README b/modules/pam_succeed_if/README
deleted file mode 100644
index 6e4907c6..00000000
--- a/modules/pam_succeed_if/README
+++ /dev/null
@@ -1,124 +0,0 @@
-pam_succeed_if — test account characteristics
-
-━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
-
-DESCRIPTION
-
-pam_succeed_if.so is designed to succeed or fail authentication based on
-characteristics of the account belonging to the user being authenticated. One
-use is to select whether to load other modules based on this test.
-
-The module should be given one or more conditions as module arguments, and
-authentication will succeed only if all of the conditions are met.
-
-OPTIONS
-
-The following flags are supported:
-
-debug
-
- Turns on debugging messages sent to syslog.
-
-use_uid
-
- Evaluate conditions using the account of the user whose UID the application
- is running under instead of the user being authenticated.
-
-quiet
-
- Don't log failure or success to the system log.
-
-quiet_fail
-
- Don't log failure to the system log.
-
-quiet_success
-
- Don't log success to the system log.
-
-Conditions are three words: a field, a test, and a value to test for.
-
-Available fields are user, uid, gid, shell, home and service:
-
-field < number
-
- Field has a value numerically less than number.
-
-field <= number
-
- Field has a value numerically less than or equal to number.
-
-field eq number
-
- Field has a value numerically equal to number.
-
-field >= number
-
- Field has a value numerically greater than or equal to number.
-
-field > number
-
- Field has a value numerically greater than number.
-
-field ne number
-
- Field has a value numerically different from number.
-
-field = string
-
- Field exactly matches the given string.
-
-field != string
-
- Field does not match the given string.
-
-field =~ glob
-
- Field matches the given glob.
-
-field !~ glob
-
- Field does not match the given glob.
-
-field in item:item:...
-
- Field is contained in the list of items separated by colons.
-
-field notin item:item:...
-
- Field is not contained in the list of items separated by colons.
-
-user ingroup group
-
- User is in given group.
-
-user notingroup group
-
- User is not in given group.
-
-user innetgr netgroup
-
- (user,host) is in given netgroup.
-
-user notinnetgr group
-
- (user,host) is not in given netgroup.
-
-EXAMPLES
-
-To emulate the behaviour of pam_wheel, except there is no fallback to group 0:
-
-auth required pam_succeed_if.so quiet user ingroup wheel
-
-
-Given that the type matches, only loads the othermodule rule if the UID is over
-500. Adjust the number after default to skip several rules.
-
-type [default=1 success=ignore] pam_succeed_if.so quiet uid > 500
-type required othermodule.so arguments...
-
-
-AUTHOR
-
-Nalin Dahyabhai <nalin@redhat.com>
-
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-27 05:11:24 +0000