Module Name: pam_access Author[s]: Alexei Nogin <alexei@nogin.dnttm.ru> Maintainer: Management groups provided: account Cryptographically sensitive: Security rating: Clean code base: System dependencies: Requires a configuration file. By default /etc/security/access.conf is used but this can be overridden. Network aware: Through Overview of module

Provides logdaemon style login access control. Account component

Recognized arguments: accessfile=/path/to/file.conf; fieldsep=separators listsep=separators Description: This module provides logdaemon style login access control based on login names and on host (or domain) names, internet addresses (or network numbers), or on terminal line names in case of non-networked logins. Diagnostics are reported through The behavior of this module can be modified with the following arguments: accessfile=/path/to/file.conf - indicate an alternative fieldsep=separators - this option modifies the field separator character that fieldsep=| will cause the default `:' character to be treated as part of a field value and `|' becomes the field separator. Doing this is useful in conjuction with a system that wants to use pam_access with X based applications, since the listsep=separators - this option modifies the list separator character that listsep=, will cause the default ` ' and `\t' characters to be treated as part of a list element value and `,' becomes the only list element separator. Doing this is useful on a system with group information obtained from a Windows domain, where the default built-in groups "Domain Users", "Domain Admins" contain a space. Examples/suggested usage: Use of module is recommended, for example, on administrative machines such as /etc/pam.d style configurations where your modules live in /lib/security, start by adding the following line to /etc/pam.d/login, /etc/pam.d/rlogin, /etc/pam.d/rsh and /etc/pam.d/ftp: account required /lib/security/pam_access.so Note that use of this module is not effective unless your system ignores .rhosts files. See the the pam_rhosts_auth documentation. A sample access.conf configuration file is included with the distribution.