summaryrefslogtreecommitdiffstats
path: root/modules/pam_deny/README
blob: 6b3a86f83cd99832c0b942c5e97a32c310e671e9 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
pam_deny — The locking-out PAM module

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

DESCRIPTION

This module can be used to deny access. It always indicates a failure to the
application through the PAM framework. It might be suitable for using for
default (the OTHER) entries.

EXAMPLES

#%PAM-1.0
#
# If we don't have config entries for a service, the
# OTHER entries are used. To be secure, warn and deny
# access to everything.
other auth     required       pam_warn.so
other auth     required       pam_deny.so
other account  required       pam_warn.so
other account  required       pam_deny.so
other password required       pam_warn.so
other password required       pam_deny.so
other session  required       pam_warn.so
other session  required       pam_deny.so


AUTHOR

pam_deny was written by Andrew G. Morgan <morgan@kernel.org>