diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 14:22:51 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 14:22:51 +0000 |
commit | 9ada0093e92388590c7368600ca4e9e3e376f0d0 (patch) | |
tree | a56fe41110023676d7082028cbaa47ca4b6e6164 /modules/pam_securetty/README | |
parent | Initial commit. (diff) | |
download | pam-9ada0093e92388590c7368600ca4e9e3e376f0d0.tar.xz pam-9ada0093e92388590c7368600ca4e9e3e376f0d0.zip |
Adding upstream version 1.5.2.upstream/1.5.2upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | modules/pam_securetty/README | 42 | ||||
-rw-r--r-- | modules/pam_securetty/README.xml | 41 |
2 files changed, 83 insertions, 0 deletions
diff --git a/modules/pam_securetty/README b/modules/pam_securetty/README new file mode 100644 index 0000000..21764e4 --- /dev/null +++ b/modules/pam_securetty/README @@ -0,0 +1,42 @@ +pam_securetty — Limit root login to special devices + +━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ + +DESCRIPTION + +pam_securetty is a PAM module that allows root logins only if the user is +logging in on a "secure" tty, as defined by the listing in the securetty file. +pam_securetty checks at first, if /etc/securetty exists. If not and it was +built with vendordir support, it will use <vendordir>/securetty. pam_securetty +also checks that the securetty files are plain files and not world writable. It +will also allow root logins on the tty specified with console= switch on the +kernel command line and on ttys from the /sys/class/tty/console/active. + +This module has no effect on non-root users and requires that the application +fills in the PAM_TTY item correctly. + +For canonical usage, should be listed as a required authentication method +before any sufficient authentication methods. + +OPTIONS + +debug + + Print debug information. + +noconsole + + Do not automatically allow root logins on the kernel console device, as + specified on the kernel command line or by the sys file, if it is not also + specified in the securetty file. + +EXAMPLES + +auth required pam_securetty.so +auth required pam_unix.so + + +AUTHOR + +pam_securetty was written by Elliot Lee <sopwith@cuc.edu>. + diff --git a/modules/pam_securetty/README.xml b/modules/pam_securetty/README.xml new file mode 100644 index 0000000..a8c098a --- /dev/null +++ b/modules/pam_securetty/README.xml @@ -0,0 +1,41 @@ +<?xml version="1.0" encoding='UTF-8'?> +<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" +"http://www.docbook.org/xml/4.3/docbookx.dtd" +[ +<!-- +<!ENTITY pamaccess SYSTEM "pam_securetty.8.xml"> +--> +]> + +<article> + + <articleinfo> + + <title> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" + href="pam_securetty.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_securetty-name"]/*)'/> + </title> + + </articleinfo> + + <section> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" + href="pam_securetty.8.xml" xpointer='xpointer(//refsect1[@id = "pam_securetty-description"]/*)'/> + </section> + + <section> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" + href="pam_securetty.8.xml" xpointer='xpointer(//refsect1[@id = "pam_securetty-options"]/*)'/> + </section> + + <section> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" + href="pam_securetty.8.xml" xpointer='xpointer(//refsect1[@id = "pam_securetty-examples"]/*)'/> + </section> + + <section> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" + href="pam_securetty.8.xml" xpointer='xpointer(//refsect1[@id = "pam_securetty-author"]/*)'/> + </section> + +</article> |