From d48c90b14254794fcad9ccc37873a8c663cce02d Mon Sep 17 00:00:00 2001 From: Thorsten Kukuk Date: Tue, 8 Jan 2008 12:44:15 +0000 Subject: Relevant BUGIDs: Purpose of commit: cleanup Commit summary: --------------- Remove autogenerated documentation from CVS --- modules/pam_succeed_if/README | 124 ------------------------------------------ 1 file changed, 124 deletions(-) delete mode 100644 modules/pam_succeed_if/README (limited to 'modules/pam_succeed_if/README') diff --git a/modules/pam_succeed_if/README b/modules/pam_succeed_if/README deleted file mode 100644 index 6e4907c6..00000000 --- a/modules/pam_succeed_if/README +++ /dev/null @@ -1,124 +0,0 @@ -pam_succeed_if — test account characteristics - -━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ - -DESCRIPTION - -pam_succeed_if.so is designed to succeed or fail authentication based on -characteristics of the account belonging to the user being authenticated. One -use is to select whether to load other modules based on this test. - -The module should be given one or more conditions as module arguments, and -authentication will succeed only if all of the conditions are met. - -OPTIONS - -The following flags are supported: - -debug - - Turns on debugging messages sent to syslog. - -use_uid - - Evaluate conditions using the account of the user whose UID the application - is running under instead of the user being authenticated. - -quiet - - Don't log failure or success to the system log. - -quiet_fail - - Don't log failure to the system log. - -quiet_success - - Don't log success to the system log. - -Conditions are three words: a field, a test, and a value to test for. - -Available fields are user, uid, gid, shell, home and service: - -field < number - - Field has a value numerically less than number. - -field <= number - - Field has a value numerically less than or equal to number. - -field eq number - - Field has a value numerically equal to number. - -field >= number - - Field has a value numerically greater than or equal to number. - -field > number - - Field has a value numerically greater than number. - -field ne number - - Field has a value numerically different from number. - -field = string - - Field exactly matches the given string. - -field != string - - Field does not match the given string. - -field =~ glob - - Field matches the given glob. - -field !~ glob - - Field does not match the given glob. - -field in item:item:... - - Field is contained in the list of items separated by colons. - -field notin item:item:... - - Field is not contained in the list of items separated by colons. - -user ingroup group - - User is in given group. - -user notingroup group - - User is not in given group. - -user innetgr netgroup - - (user,host) is in given netgroup. - -user notinnetgr group - - (user,host) is not in given netgroup. - -EXAMPLES - -To emulate the behaviour of pam_wheel, except there is no fallback to group 0: - -auth required pam_succeed_if.so quiet user ingroup wheel - - -Given that the type matches, only loads the othermodule rule if the UID is over -500. Adjust the number after default to skip several rules. - -type [default=1 success=ignore] pam_succeed_if.so quiet uid > 500 -type required othermodule.so arguments... - - -AUTHOR - -Nalin Dahyabhai - -- cgit v1.2.3