blob: f674024cb23ab2505dd8a6ee816d4deb7ba407ca (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
|
'\" t
.\" Title: pam_env
.\" Author: [see the "AUTHOR" section]
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Date: 06/08/2020
.\" Manual: Linux-PAM Manual
.\" Source: Linux-PAM Manual
.\" Language: English
.\"
.TH "PAM_ENV" "8" "06/08/2020" "Linux-PAM Manual" "Linux-PAM Manual"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
pam_env \- PAM module to set/unset environment variables
.SH "SYNOPSIS"
.HP \w'\fBpam_env\&.so\fR\ 'u
\fBpam_env\&.so\fR [debug] [conffile=\fIconf\-file\fR] [envfile=\fIenv\-file\fR] [readenv=\fI0|1\fR] [user_envfile=\fIenv\-file\fR] [user_readenv=\fI0|1\fR]
.SH "DESCRIPTION"
.PP
The pam_env PAM module allows the (un)setting of environment variables\&. Supported is the use of previously set environment variables as well as
\fIPAM_ITEM\fRs such as
\fIPAM_RHOST\fR\&.
.PP
By default rules for (un)setting of variables are taken from the config file
/etc/security/pam_env\&.conf\&. An alternate file can be specified with the
\fIconffile\fR
option\&.
.PP
Second a file (/etc/environment
by default) with simple
\fIKEY=VAL\fR
pairs on separate lines will be read\&. With the
\fIenvfile\fR
option an alternate file can be specified\&. And with the
\fIreadenv\fR
option this can be completely disabled\&.
.PP
Third it will read a user configuration file ($HOME/\&.pam_environment
by default)\&. The default file can be changed with the
\fIuser_envfile\fR
option and it can be turned on and off with the
\fIuser_readenv\fR
option\&.
.PP
Since setting of PAM environment variables can have side effects to other modules, this module should be the last one on the stack\&.
.SH "OPTIONS"
.PP
\fBconffile=\fR\fB\fI/path/to/pam_env\&.conf\fR\fR
.RS 4
Indicate an alternative
pam_env\&.conf
style configuration file to override the default\&. This can be useful when different services need different environments\&.
.RE
.PP
\fBdebug\fR
.RS 4
A lot of debug information is printed with
\fBsyslog\fR(3)\&.
.RE
.PP
\fBenvfile=\fR\fB\fI/path/to/environment\fR\fR
.RS 4
Indicate an alternative
environment
file to override the default\&. The syntax are simple
\fIKEY=VAL\fR
pairs on separate lines\&. The
\fIexport\fR
instruction can be specified for bash compatibility, but will be ignored\&. This can be useful when different services need different environments\&.
.RE
.PP
\fBreadenv=\fR\fB\fI0|1\fR\fR
.RS 4
Turns on or off the reading of the file specified by envfile (0 is off, 1 is on)\&. By default this option is on\&.
.RE
.PP
\fBuser_envfile=\fR\fB\fIfilename\fR\fR
.RS 4
Indicate an alternative
\&.pam_environment
file to override the default\&.The syntax is the same as for
\fI/etc/security/pam_env\&.conf\fR\&. The filename is relative to the user home directory\&. This can be useful when different services need different environments\&.
.RE
.PP
\fBuser_readenv=\fR\fB\fI0|1\fR\fR
.RS 4
Turns on or off the reading of the user specific environment file\&. 0 is off, 1 is on\&. By default this option is off\&.
.RE
.SH "MODULE TYPES PROVIDED"
.PP
The
\fBauth\fR
and
\fBsession\fR
module types are provided\&.
.SH "RETURN VALUES"
.PP
PAM_ABORT
.RS 4
Not all relevant data or options could be gotten\&.
.RE
.PP
PAM_BUF_ERR
.RS 4
Memory buffer error\&.
.RE
.PP
PAM_IGNORE
.RS 4
No pam_env\&.conf and environment file was found\&.
.RE
.PP
PAM_SUCCESS
.RS 4
Environment variables were set\&.
.RE
.SH "FILES"
.PP
/etc/security/pam_env\&.conf
.RS 4
Default configuration file
.RE
.PP
/etc/environment
.RS 4
Default environment file
.RE
.PP
$HOME/\&.pam_environment
.RS 4
User specific environment file
.RE
.SH "SEE ALSO"
.PP
\fBpam_env.conf\fR(5),
\fBpam.d\fR(5),
\fBpam\fR(8),
\fBenviron\fR(7)\&.
.SH "AUTHOR"
.PP
pam_env was written by Dave Kinchlea <kinch@kinch\&.ark\&.com>\&.
|
