summaryrefslogtreecommitdiffstats
path: root/modules/pam_rootok/README
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 12:01:37 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 12:01:37 +0000
commitde848d9e9146434817c65d74d1d0313e9d729462 (patch)
treedcbd0efb229b17f696f7195671f05b354b4f70fc /modules/pam_rootok/README
parentInitial commit. (diff)
downloadpam-de848d9e9146434817c65d74d1d0313e9d729462.tar.xz
pam-de848d9e9146434817c65d74d1d0313e9d729462.zip
Adding upstream version 1.4.0.upstream/1.4.0upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'modules/pam_rootok/README')
-rw-r--r--modules/pam_rootok/README33
1 files changed, 33 insertions, 0 deletions
diff --git a/modules/pam_rootok/README b/modules/pam_rootok/README
new file mode 100644
index 0000000..55a4475
--- /dev/null
+++ b/modules/pam_rootok/README
@@ -0,0 +1,33 @@
+pam_rootok — Gain only root access
+
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+
+DESCRIPTION
+
+pam_rootok is a PAM module that authenticates the user if their UID is 0.
+Applications that are created setuid-root generally retain the UID of the user
+but run with the authority of an enhanced effective-UID. It is the real UID
+that is checked.
+
+OPTIONS
+
+debug
+
+ Print debug information.
+
+EXAMPLES
+
+In the case of the su(1) application the historical usage is to permit the
+superuser to adopt the identity of a lesser user without the use of a password.
+To obtain this behavior with PAM the following pair of lines are needed for the
+corresponding entry in the /etc/pam.d/su configuration file:
+
+# su authentication. Root is granted access by default.
+auth sufficient pam_rootok.so
+auth required pam_unix.so
+
+
+AUTHOR
+
+pam_rootok was written by Andrew G. Morgan, <morgan@kernel.org>.
+