The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

Интерактивная система просмотра системных руководств (man-ов)

 ТемаНаборКатегория 
 
 [Cписок руководств | Печать]

pam_wheel (8)
  • >> pam_wheel (8) ( Linux man: Команды системного администрирования )
  •  

    NAME

    pam_wheel - Only permit root access to members of group wheel
     
    

    SYNOPSIS

    pam_wheel.so [debug] [deny] [group=name] [root_only] [trust] [use_uid]
     

    DESCRIPTION

    The pam_wheel PAM module is used to enforce the so-called wheel group. By default it permits root access to the system if the applicant user is a member of the wheel group. If no group with this name exist, the module is using the group with the group-ID 0.  

    OPTIONS

    debug
    Print debug information.
    deny
    Reverse the sense of the auth operation: if the user is trying to get UID 0 access and is a member of the wheel group (or the group of the group option), deny access. Conversely, if the user is not in the group, return PAM_IGNORE (unless trust was also specified, in which case we return PAM_SUCCESS).
    group=name
    Instead of checking the wheel or GID 0 groups, use the name group to perform the authentification.
    root_only
    The check for wheel membership is done only.
    trust
    The pam_wheel module will return PAM_SUCCESS instead of PAM_IGNORE if the user is a member of the wheel group (thus with a little play stacking the modules the wheel members may be able to su to root without being prompted for a passwd).
    use_uid
    The check for wheel membership will be done against the current uid instead of the original one (useful when jumping with su from one account to another for example).
     

    MODULE SERVICES PROVIDED

    The auth and account services are supported.  

    RETURN VALUES

    PAM_AUTH_ERR
    Authentication failure.
    PAM_BUF_ERR
    Memory buffer error.
    PAM_IGNORE
    The return value should be ignored by PAM dispatch.
    PAM_PERM_DENY
    Permission denied.
    PAM_SERVICE_ERR
    Cannot determine the user name.
    PAM_SUCCESS
    Success.
    PAM_USER_UNKNOWN
    User not known.
     

    EXAMPLES

    The root account gains access by default (rootok), only wheel members can become root (wheel) but Unix authenticate non-root applicants.

    su      auth     sufficient     pam_rootok.so
    su      auth     required       pam_wheel.so
    su      auth     required       pam_unix.so
          
    

     

    SEE ALSO

    pam.conf(5), pam.d(8), pam(8)  

    AUTHOR

    pam_wheel was written by Cristian Gafton <[email protected]>.


     

    Index

    NAME
    SYNOPSIS
    DESCRIPTION
    OPTIONS
    MODULE SERVICES PROVIDED
    RETURN VALUES
    EXAMPLES
    SEE ALSO
    AUTHOR


    Поиск по тексту MAN-ов: 




    Партнёры:
    PostgresPro
    Inferno Solutions
    Hosting by Hoster.ru
    Хостинг:

    Закладки на сайте
    Проследить за страницей
    Created 1996-2024 by Maxim Chirkov
    Добавить, Поддержать, Вебмастеру