blob: 55a447565262884984375e52d05434b21aacd845 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
pam_rootok — Gain only root access
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
DESCRIPTION
pam_rootok is a PAM module that authenticates the user if their UID is 0.
Applications that are created setuid-root generally retain the UID of the user
but run with the authority of an enhanced effective-UID. It is the real UID
that is checked.
OPTIONS
debug
Print debug information.
EXAMPLES
In the case of the su(1) application the historical usage is to permit the
superuser to adopt the identity of a lesser user without the use of a password.
To obtain this behavior with PAM the following pair of lines are needed for the
corresponding entry in the /etc/pam.d/su configuration file:
# su authentication. Root is granted access by default.
auth sufficient pam_rootok.so
auth required pam_unix.so
AUTHOR
pam_rootok was written by Andrew G. Morgan, <morgan@kernel.org>.
|
