From 9ada0093e92388590c7368600ca4e9e3e376f0d0 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 16:22:51 +0200 Subject: Adding upstream version 1.5.2. Signed-off-by: Daniel Baumann --- modules/pam_sepermit/sepermit.conf.5.xml | 110 +++++++++++++++++++++++++++++++ 1 file changed, 110 insertions(+) create mode 100644 modules/pam_sepermit/sepermit.conf.5.xml (limited to 'modules/pam_sepermit/sepermit.conf.5.xml') diff --git a/modules/pam_sepermit/sepermit.conf.5.xml b/modules/pam_sepermit/sepermit.conf.5.xml new file mode 100644 index 0000000..511480f --- /dev/null +++ b/modules/pam_sepermit/sepermit.conf.5.xml @@ -0,0 +1,110 @@ + + + + + + + sepermit.conf + 5 + Linux-PAM Manual + + + + sepermit.conf + configuration file for the pam_sepermit module + + + + DESCRIPTION + + The lines of the configuration file have the following syntax: + + + <user>[:<option>:<option>...] + + + The user can be specified in the following manner: + + + + + a username + + + + + a groupname, with @group syntax. + This should not be confused with netgroups. + + + + + a SELinux user name with %seuser syntax. + + + + + + The recognized options are: + + + + + + + + Only single login session will be allowed for the user + and the user's processes will be killed on logout. + + + + + + + + The module will never return PAM_SUCCESS status for the user. + It will return PAM_IGNORE if SELinux is in the enforcing mode, + and PAM_AUTH_ERR otherwise. It is useful if you want to support + passwordless guest users and other confined users with passwords + simultaneously. + + + + + + + The lines which start with # character are comments and are ignored. + + + + + EXAMPLES + + These are some example lines which might be specified in + /etc/security/sepermit.conf. + + +%guest_u:exclusive +%staff_u:ignore +%user_u:ignore + + + + + SEE ALSO + + pam_sepermit8, + pam.d5, + pam8, + selinux8, + + + + + AUTHOR + + pam_sepermit and this manual page were written by Tomas Mraz <tmraz@redhat.com> + + + -- cgit v1.2.3