From de848d9e9146434817c65d74d1d0313e9d729462 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 27 Apr 2024 14:01:37 +0200 Subject: Adding upstream version 1.4.0. Signed-off-by: Daniel Baumann --- modules/pam_nologin/README | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 modules/pam_nologin/README (limited to 'modules/pam_nologin/README') diff --git a/modules/pam_nologin/README b/modules/pam_nologin/README new file mode 100644 index 0000000..25b1e92 --- /dev/null +++ b/modules/pam_nologin/README @@ -0,0 +1,41 @@ +pam_nologin — Prevent non-root users from login + +━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ + +DESCRIPTION + +pam_nologin is a PAM module that prevents users from logging into the system +when /var/run/nologin or /etc/nologin exists. The contents of the file are +displayed to the user. The pam_nologin module has no effect on the root user's +ability to log in. + +OPTIONS + +file=/path/nologin + + Use this file instead the default /var/run/nologin or /etc/nologin. + +successok + + Return PAM_SUCCESS if no file exists, the default is PAM_IGNORE. + +EXAMPLES + +The suggested usage for /etc/pam.d/login is: + +auth required pam_nologin.so + + +NOTES + +In order to make this module effective, all login methods should be secured by +it. It should be used as a required method listed before any sufficient methods +in order to get standard Unix nologin semantics. Note, the use of successok +module argument causes the module to return PAM_SUCCESS and as such would break +such a configuration - failing sufficient modules would lead to a successful +login because the nologin module succeeded. + +AUTHOR + +pam_nologin was written by Michael K. Johnson . + -- cgit v1.2.3