From 23624ea6f78ec8acc167a2491c00998907fc76b1 Mon Sep 17 00:00:00 2001 From: Thorsten Kukuk Date: Tue, 16 Aug 2005 12:27:38 +0000 Subject: Relevant BUGIDs: none Purpose of commit: new feature Commit summary: --------------- Big "automake/autoconf/libtool" commit --- modules/pam_securetty/Makefile | 15 ------ modules/pam_securetty/Makefile.am | 20 +++++++ modules/pam_securetty/pam_securetty.8 | 98 +++++++++++++++++++++++++++++++++++ 3 files changed, 118 insertions(+), 15 deletions(-) delete mode 100644 modules/pam_securetty/Makefile create mode 100644 modules/pam_securetty/Makefile.am create mode 100644 modules/pam_securetty/pam_securetty.8 (limited to 'modules/pam_securetty') diff --git a/modules/pam_securetty/Makefile b/modules/pam_securetty/Makefile deleted file mode 100644 index 9b80d2e9..00000000 --- a/modules/pam_securetty/Makefile +++ /dev/null @@ -1,15 +0,0 @@ -# -# $Id$ -# -# This Makefile controls a build process of $(TITLE) module for -# Linux-PAM. You should not modify this Makefile (unless you know -# what you are doing!). -# -# Created by Andrew Morgan 2000/08/27 -# - -include ../../Make.Rules - -TITLE=pam_securetty - -include ../Simple.Rules diff --git a/modules/pam_securetty/Makefile.am b/modules/pam_securetty/Makefile.am new file mode 100644 index 00000000..cfa1611c --- /dev/null +++ b/modules/pam_securetty/Makefile.am @@ -0,0 +1,20 @@ +# +# Copyright (c) 2005 Thorsten Kukuk +# + +CLEANFILES = *~ + +EXTRA_DIST = README $(MANS) + +man_MANS = pam_securetty.8 + +securelibdir = $(SECUREDIR) +secureconfdir = $(SCONFIGDIR) + +AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \ + -I$(top_srcdir)/modules/pammodutil/include/ +AM_LDFLAGS = -avoid-version -module \ + -L$(top_builddir)/modules/pammodutil -lpammodutil \ + -L$(top_builddir)/libpam -lpam + +securelib_LTLIBRARIES = pam_securetty.la diff --git a/modules/pam_securetty/pam_securetty.8 b/modules/pam_securetty/pam_securetty.8 new file mode 100644 index 00000000..2364a312 --- /dev/null +++ b/modules/pam_securetty/pam_securetty.8 @@ -0,0 +1,98 @@ +.\" Copyright (C) 2003 International Business Machines Corp. +.\" This file is distributed according to the GNU General Public License. +.\" See the file COPYING in the top level source directory for details. +.\" +.de Sh \" Subsection +.br +.if t .Sp +.ne 5 +.PP +\fB\\$1\fR +.PP +.. +.de Sp \" Vertical space (when we can't use .PP) +.if t .sp .5v +.if n .sp +.. +.de Ip \" List item +.br +.ie \\n(.$>=3 .ne \\$3 +.el .ne 3 +.IP "\\$1" \\$2 +.. +.TH "PAM_SECURETTY" 8 "2003-02-21" "Linux 2.4" "System Administrator's Manual" +.SH NAME +pam_securetty \- Limits root to logging in on devices listed in /etc/securetty +.SH "SYNOPSIS" +.ad l +.hy 0 + +/usr/security/pam_securetty +.sp +.ad +.hy + +.SH "DESCRIPTION" + +.PP +\fBpam_securetty\fR is a PAM module that allows root logins only if the +user is logging in on a "secure" tty, as defined by the listing in +\fI/etc/securetty\fR. +\fBpam_securetty\fR also checks to make sure that \fI/etc/securetty\fR +is a plain file and not world writable. + +.PP +This module has no effect on non-root users. + +.SH "OPTIONS" +.PP +\fBpam_securetty\fR has no options. + +.SH "RETURN CODES" +.PP +\fBpam_securetty\fR has the following return codes: +.TP +PAM_SUCCESS +The user is allowed to continue authentication. +Either the user is not root, or the root user is trying to log in on +an acceptable device. + +.TP +PAM_AUTH_ERR +Authentication is rejected. +Either root is attempting to log in via an unacceptable device, +or the \fI/etc/securetty\fR file is world writable or not a normal file. + +.TP +PAM_INCOMPLETE +An application error occurred. \fBpam_securetty\fR was not able to get +information it required from the application that called it. + +.TP +PAM_SERVICE_ERR +An error occurred while the module was determining the user's name or tty, +or the module could not open \fI/etc/securetty\fR. + +.TP +PAM_IGNORE +The module could not find the user name in the +\fI/etc/passwd\fR file to verify whether the user had a UID of 0. +Therefore, the results of running this module are ignored. + +.SH "HISTORY" + +.PP +\fBpam_securetty\fR was written by Elliot Lee. + +.SH "FILES" + +.PP + \fI/etc/securetty\fR + +.SH "SEE ALSO" + +.PP +\fBpam.conf\fR(8), \fBpam.d\fR(8), \fBpam\fR(8), \fBsecuretty\fR(8). + +.SH AUTHOR +Emily Ratliff. -- cgit v1.2.3