diff options
Diffstat (limited to 'modules/pam_tty_audit/pam_tty_audit.8')
-rw-r--r-- | modules/pam_tty_audit/pam_tty_audit.8 | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/modules/pam_tty_audit/pam_tty_audit.8 b/modules/pam_tty_audit/pam_tty_audit.8 index 7ecfcdb3..2ba53358 100644 --- a/modules/pam_tty_audit/pam_tty_audit.8 +++ b/modules/pam_tty_audit/pam_tty_audit.8 @@ -1,13 +1,13 @@ '\" t .\" Title: pam_tty_audit .\" Author: [see the "AUTHOR" section] -.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> -.\" Date: 06/08/2020 +.\" Generator: DocBook XSL Stylesheets v1.79.2 <http://docbook.sf.net/> +.\" Date: 05/07/2023 .\" Manual: Linux-PAM Manual -.\" Source: Linux-PAM Manual +.\" Source: Linux-PAM .\" Language: English .\" -.TH "PAM_TTY_AUDIT" "8" "06/08/2020" "Linux-PAM Manual" "Linux\-PAM Manual" +.TH "PAM_TTY_AUDIT" "8" "05/07/2023" "Linux\-PAM" "Linux\-PAM Manual" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -37,7 +37,7 @@ pam_tty_audit \- Enable or disable TTY auditing for specified users The pam_tty_audit PAM module is used to enable or disable TTY auditing\&. By default, the kernel does not audit input on any TTY\&. .SH "OPTIONS" .PP -\fBdisable=\fR\fB\fIpatterns\fR\fR +disable=patterns .RS 4 For each user matching \fB\fIpatterns\fR\fR, disable TTY auditing\&. This overrides any previous @@ -46,7 +46,7 @@ option matching the same user name on the command line\&. See NOTES for further \fB\fIpatterns\fR\fR\&. .RE .PP -\fBenable=\fR\fB\fIpatterns\fR\fR +enable=patterns .RS 4 For each user matching \fB\fIpatterns\fR\fR, enable TTY auditing\&. This overrides any previous @@ -55,7 +55,7 @@ option matching the same user name on the command line\&. See NOTES for further \fB\fIpatterns\fR\fR\&. .RE .PP -\fBopen_only\fR +open_only .RS 4 Set the TTY audit flag when opening the session, but do not restore it when closing the session\&. Using this option is necessary for some services that don\*(Aqt \fBfork()\fR @@ -63,7 +63,7 @@ to run the authenticated session, such as \fBsudo\fR\&. .RE .PP -\fBlog_passwd\fR +log_passwd .RS 4 Log keystrokes when ECHO mode is off but ICANON mode is active\&. This is the mode in which the tty is placed during password entry\&. By default, passwords are not logged\&. This option may not be available on older kernels (3\&.9?)\&. .RE @@ -85,7 +85,7 @@ Success\&. .RE .SH "NOTES" .PP -When TTY auditing is enabled, it is inherited by all processes started by that user\&. In particular, daemons restarted by an user will still have TTY auditing enabled, and audit TTY input even by other users unless auditing for these users is explicitly disabled\&. Therefore, it is recommended to use +When TTY auditing is enabled, it is inherited by all processes started by that user\&. In particular, daemons restarted by a user will still have TTY auditing enabled, and audit TTY input even by other users unless auditing for these users is explicitly disabled\&. Therefore, it is recommended to use \fBdisable=*\fR as the first option for most daemons using PAM\&. .PP @@ -129,7 +129,7 @@ session required pam_tty_audit\&.so disable=* enable=root \fBaureport\fR(8), \fBpam.conf\fR(5), \fBpam.d\fR(5), -\fBpam\fR(8) +\fBpam\fR(7) .SH "AUTHOR" .PP pam_tty_audit was written by Miloslav Trmač <mitr@redhat\&.com>\&. The log_passwd option was added by Richard Guy Briggs <rgb@redhat\&.com>\&. |