diff options
Diffstat (limited to 'modules/pam_usertype/pam_usertype.8')
-rw-r--r-- | modules/pam_usertype/pam_usertype.8 | 135 |
1 files changed, 135 insertions, 0 deletions
diff --git a/modules/pam_usertype/pam_usertype.8 b/modules/pam_usertype/pam_usertype.8 new file mode 100644 index 0000000..16a1808 --- /dev/null +++ b/modules/pam_usertype/pam_usertype.8 @@ -0,0 +1,135 @@ +'\" t +.\" Title: pam_usertype +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 06/08/2020 +.\" Manual: Linux-PAM +.\" Source: Linux-PAM +.\" Language: English +.\" +.TH "PAM_USERTYPE" "8" "06/08/2020" "Linux-PAM" "Linux\-PAM" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +pam_usertype \- check if the authenticated user is a system or regular account +.SH "SYNOPSIS" +.HP \w'\fBpam_usertype\&.so\fR\ 'u +\fBpam_usertype\&.so\fR [\fIflag\fR...] {\fIcondition\fR} +.SH "DESCRIPTION" +.PP +pam_usertype\&.so is designed to succeed or fail authentication based on type of the account of the authenticated user\&. The type of the account is decided with help of +\fISYS_UID_MIN\fR +and +\fISYS_UID_MAX\fR +settings in +\fI/etc/login\&.defs\fR\&. One use is to select whether to load other modules based on this test\&. +.PP +The module should be given only one condition as module argument\&. Authentication will succeed only if the condition is met\&. +.SH "OPTIONS" +.PP +The following +\fIflag\fRs are supported: +.PP +\fBuse_uid\fR +.RS 4 +Evaluate conditions using the account of the user whose UID the application is running under instead of the user being authenticated\&. +.RE +.PP +\fBaudit\fR +.RS 4 +Log unknown users to the system log\&. +.RE +.PP +Available +\fIcondition\fRs are: +.PP +\fBissystem\fR +.RS 4 +Succeed if the user is a system user\&. +.RE +.PP +\fBisregular\fR +.RS 4 +Succeed if the user is a regular user\&. +.RE +.SH "MODULE TYPES PROVIDED" +.PP +All module types (\fBaccount\fR, +\fBauth\fR, +\fBpassword\fR +and +\fBsession\fR) are provided\&. +.SH "RETURN VALUES" +.PP +PAM_SUCCESS +.RS 4 +The condition was true\&. +.RE +.PP +PAM_BUF_ERR +.RS 4 +Memory buffer error\&. +.RE +.PP +PAM_CONV_ERR +.RS 4 +The conversation method supplied by the application failed to obtain the username\&. +.RE +.PP +PAM_INCOMPLETE +.RS 4 +The conversation method supplied by the application returned PAM_CONV_AGAIN\&. +.RE +.PP +PAM_AUTH_ERR +.RS 4 +The condition was false\&. +.RE +.PP +PAM_SERVICE_ERR +.RS 4 +A service error occurred or the arguments can\*(Aqt be parsed correctly\&. +.RE +.PP +PAM_USER_UNKNOWN +.RS 4 +User was not found\&. +.RE +.SH "EXAMPLES" +.PP +Skip remaining modules if the user is a system user: +.sp +.if n \{\ +.RS 4 +.\} +.nf +account sufficient pam_usertype\&.so issystem + +.fi +.if n \{\ +.RE +.\} +.SH "SEE ALSO" +.PP +\fBlogin.defs\fR(5), +\fBpam\fR(8) +.SH "AUTHOR" +.PP +Pavel Březina <pbrezina@redhat\&.com> |