diff options
Diffstat (limited to 'modules/pam_wheel/pam_wheel.8')
| -rw-r--r-- | modules/pam_wheel/pam_wheel.8 | 101 |
1 files changed, 0 insertions, 101 deletions
diff --git a/modules/pam_wheel/pam_wheel.8 b/modules/pam_wheel/pam_wheel.8 deleted file mode 100644 index ae29c37e..00000000 --- a/modules/pam_wheel/pam_wheel.8 +++ /dev/null @@ -1,101 +0,0 @@ -.\" Title: pam_wheel -.\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> -.\" Date: 06/09/2006 -.\" Manual: Linux\-PAM Manual -.\" Source: Linux\-PAM Manual -.\" -.TH "PAM_WHEEL" "8" "06/09/2006" "Linux\-PAM Manual" "Linux\-PAM Manual" -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.SH "NAME" -pam_wheel \- Only permit root access to members of group wheel -.SH "SYNOPSIS" -.HP 13 -\fBpam_wheel.so\fR [debug] [deny] [group=\fIname\fR] [root_only] [trust] [use_uid] -.SH "DESCRIPTION" -.PP -The pam_wheel PAM module is used to enforce the so\-called -\fIwheel\fR -group. By default it permits root access to the system if the applicant user is a member of the -\fIwheel\fR -group. If no group with this name exist, the module is using the group with the group\-ID -\fB0\fR. -.SH "OPTIONS" -.TP 3n -\fBdebug\fR -Print debug information. -.TP 3n -\fBdeny\fR -Reverse the sense of the auth operation: if the user is trying to get UID 0 access and is a member of the wheel group (or the group of the -\fBgroup\fR -option), deny access. Conversely, if the user is not in the group, return PAM_IGNORE (unless -\fBtrust\fR -was also specified, in which case we return PAM_SUCCESS). -.TP 3n -\fBgroup=\fR\fB\fIname\fR\fR -Instead of checking the wheel or GID 0 groups, use the -\fB\fIname\fR\fR -group to perform the authentication. -.TP 3n -\fBroot_only\fR -The check for wheel membership is done only. -.TP 3n -\fBtrust\fR -The pam_wheel module will return PAM_SUCCESS instead of PAM_IGNORE if the user is a member of the wheel group (thus with a little play stacking the modules the wheel members may be able to su to root without being prompted for a passwd). -.TP 3n -\fBuse_uid\fR -The check for wheel membership will be done against the current uid instead of the original one (useful when jumping with su from one account to another for example). -.SH "MODULE SERVICES PROVIDED" -.PP -The -\fBauth\fR -and -\fBaccount\fR -services are supported. -.SH "RETURN VALUES" -.TP 3n -PAM_AUTH_ERR -Authentication failure. -.TP 3n -PAM_BUF_ERR -Memory buffer error. -.TP 3n -PAM_IGNORE -The return value should be ignored by PAM dispatch. -.TP 3n -PAM_PERM_DENY -Permission denied. -.TP 3n -PAM_SERVICE_ERR -Cannot determine the user name. -.TP 3n -PAM_SUCCESS -Success. -.TP 3n -PAM_USER_UNKNOWN -User not known. -.SH "EXAMPLES" -.PP -The root account gains access by default (rootok), only wheel members can become root (wheel) but Unix authenticate non\-root applicants. -.sp -.RS 3n -.nf -su auth sufficient pam_rootok.so -su auth required pam_wheel.so -su auth required pam_unix.so - -.fi -.RE -.sp -.SH "SEE ALSO" -.PP - -\fBpam.conf\fR(5), -\fBpam.d\fR(8), -\fBpam\fR(8) -.SH "AUTHOR" -.PP -pam_wheel was written by Cristian Gafton <gafton@redhat.com>. |