diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 12:01:37 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 12:01:37 +0000 |
commit | de848d9e9146434817c65d74d1d0313e9d729462 (patch) | |
tree | dcbd0efb229b17f696f7195671f05b354b4f70fc /modules/pam_rootok/README | |
parent | Initial commit. (diff) | |
download | pam-de848d9e9146434817c65d74d1d0313e9d729462.tar.xz pam-de848d9e9146434817c65d74d1d0313e9d729462.zip |
Adding upstream version 1.4.0.upstream/1.4.0upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'modules/pam_rootok/README')
-rw-r--r-- | modules/pam_rootok/README | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/modules/pam_rootok/README b/modules/pam_rootok/README new file mode 100644 index 0000000..55a4475 --- /dev/null +++ b/modules/pam_rootok/README @@ -0,0 +1,33 @@ +pam_rootok — Gain only root access + +━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ + +DESCRIPTION + +pam_rootok is a PAM module that authenticates the user if their UID is 0. +Applications that are created setuid-root generally retain the UID of the user +but run with the authority of an enhanced effective-UID. It is the real UID +that is checked. + +OPTIONS + +debug + + Print debug information. + +EXAMPLES + +In the case of the su(1) application the historical usage is to permit the +superuser to adopt the identity of a lesser user without the use of a password. +To obtain this behavior with PAM the following pair of lines are needed for the +corresponding entry in the /etc/pam.d/su configuration file: + +# su authentication. Root is granted access by default. +auth sufficient pam_rootok.so +auth required pam_unix.so + + +AUTHOR + +pam_rootok was written by Andrew G. Morgan, <morgan@kernel.org>. + |