Module Name: pam_access Author[s]: Alexei Nogin <alexei@nogin.dnttm.ru> Maintainer: Management groups provided: account Cryptographically sensitive: Security rating: Clean code base: System dependencies: Requires a configuration file. By default /etc/security/access.conf is used but this can be overridden. Network aware: Through Overview of module

Provides logdaemon style login access control. Account component

Recognized arguments: accessfile=/path/to/file.conf; fieldsep=separators Description: This module provides logdaemon style login access control based on login names and on host (or domain) names, internet addresses (or network numbers), or on terminal line names in case of non-networked logins. Diagnostics are reported through The behavior of this module can be modified with the following arguments: accessfile=/path/to/file.conf - indicate an alternative fieldsep=separators - this option modifies the field separator character that fieldsep=| will cause the default `:' character to be treated as part of a field value and `|' becomes the field separator. Doing this is useful in conjuction with a system that wants to use pam_access with X based applications, since the Examples/suggested usage: Use of module is recommended, for example, on administrative machines such as /etc/pam.d style configurations where your modules live in /lib/security, start by adding the following line to /etc/pam.d/login, /etc/pam.d/rlogin, /etc/pam.d/rsh and /etc/pam.d/ftp: account required /lib/security/pam_access.so Note that use of this module is not effective unless your system ignores .rhosts files. See the the pam_rhosts_auth documentation. A sample access.conf configuration file is included with the distribution.