.\"     Title: pam_localuser
.\"    Author: 
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
.\"      Date: 06/09/2006
.\"    Manual: Linux\-PAM Manual
.\"    Source: Linux\-PAM Manual
.\"
.TH "PAM_LOCALUSER" "8" "06/09/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.SH "NAME"
pam_localuser \- require users to be listed in /etc/passwd
.SH "SYNOPSIS"
.HP 17
\fBpam_localuser.so\fR [debug] [file=\fI/path/passwd\fR]
.SH "DESCRIPTION"
.PP
pam_localuser is a PAM module to help implementing site\-wide login policies, where they typically include a subset of the network's users and a few accounts that are local to a particular workstation. Using pam_localuser and pam_wheel or pam_listfile is an effective way to restrict access to either local users and/or a subset of the network's users.
.PP
This could also be implemented using pam_listfile.so and a very short awk script invoked by cron, but it's common enough to have been separated out.
.SH "OPTIONS"
.PP
.TP 3n
\fBdebug\fR
Print debug information.
.TP 3n
\fBfile=\fR\fB\fI/path/passwd\fR\fR
Use a file other than
\fI/etc/passwd\fR.
.SH "MODULE SERVICES PROVIDED"
.PP
The
\fBauth\fR
and
\fBaccount\fR
services are supported.
.SH "RETURN VALUES"
.PP
.TP 3n
PAM_SUCCESS
The new localuser was set successfull.
.TP 3n
PAM_SERVICE_ERR
No username was given.
.TP 3n
PAM_USER_UNKNOWN
User not known.
.SH "EXAMPLES"
.PP
Add the following line to
\fI/etc/pam.d/su\fR
to allow only local users in group wheel to use su.
.sp
.RS 3n
.nf
account sufficient pam_localuser.so
account required pam_wheel.so
      
.fi
.RE
.sp
.SH "FILES"
.TP 3n
\fI/etc/passwd\fR
Local user account information.
.SH "SEE ALSO"
.PP

\fBpam.conf\fR(5),
\fBpam.d\fR(8),
\fBpam\fR(8)
.SH "AUTHOR"
.PP
pam_localuser was written by Nalin Dahyabhai <nalin@redhat.com>.