blob: 2cd156c03ff6f10312bad9d5c5bf5f5453aec4bb (plain
only permit root authentication to members of wheel group
debug Write a message to syslog indicating success or
use_uid The check for wheel membership will be done against
the current uid instead of the original one
(useful when jumping with su from one account to
another for example).
trust The pam_wheel module will return PAM_SUCCESS instead
of PAM_IGNORE if the user is a member of the wheel
group (thus with a little play stacking the modules
the wheel members may be able to su to root without
being prompted for a passwd).
deny Reverse the sense of the auth operation: if the user
is trying to get UID 0 access and is a member of the
wheel group, deny access (well, kind of nonsense, but
for use in conjunction with 'group' argument... :-)
Conversely, if the user is not in the group, return
PAM_IGNORE (unless 'trust' was also specified, in
which case we return PAM_SUCCESS).
group=xxxx Instead of checking the wheel or GID 0 groups, use
the xxxx group to perform the authentification.
root_only The check for wheel membership is done only
if the uid of requested account is 0.
MODULE SERVICES PROVIDED:
auth _authentication, _setcred (blank) and _acct_mgmt
Cristian Gafton <email@example.com>