aboutsummaryrefslogtreecommitdiff
path: root/Linux-PAM/modules/pam_securetty/pam_securetty.8
diff options
context:
space:
mode:
Diffstat (limited to 'Linux-PAM/modules/pam_securetty/pam_securetty.8')
-rw-r--r--Linux-PAM/modules/pam_securetty/pam_securetty.885
1 files changed, 85 insertions, 0 deletions
diff --git a/Linux-PAM/modules/pam_securetty/pam_securetty.8 b/Linux-PAM/modules/pam_securetty/pam_securetty.8
new file mode 100644
index 00000000..f72e611f
--- /dev/null
+++ b/Linux-PAM/modules/pam_securetty/pam_securetty.8
@@ -0,0 +1,85 @@
+.\" Title: pam_securetty
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/04/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_SECURETTY" "8" "06/04/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_securetty \- Limit root login to special devices
+.SH "SYNOPSIS"
+.HP 17
+\fBpam_securetty.so\fR [debug]
+.SH "DESCRIPTION"
+.PP
+pam_securetty is a PAM module that allows root logins only if the user is logging in on a "secure" tty, as defined by the listing in
+\fI/etc/securetty\fR. pam_securetty also checks to make sure that
+\fI/etc/securetty\fR
+is a plain file and not world writable.
+.PP
+This module has no effect on non\-root users and requires that the application fills in the
+\fBPAM_TTY\fR
+item correctly.
+.PP
+For canonical usage, should be listed as a
+\fBrequired\fR
+authentication method before any
+\fBsufficient\fR
+authentication methods.
+.SH "OPTIONS"
+.TP 3n
+\fBdebug\fR
+Print debug information.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+Only the
+\fBauth\fR
+service is supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_SUCCESS
+The user is allowed to continue authentication. Either the user is not root, or the root user is trying to log in on an acceptable device.
+.TP 3n
+PAM_AUTH_ERR
+Authentication is rejected. Either root is attempting to log in via an unacceptable device, or the
+\fI/etc/securetty\fR
+file is world writable or not a normal file.
+.TP 3n
+PAM_INCOMPLETE
+An application error occurred. pam_securetty was not able to get information it required from the application that called it.
+.TP 3n
+PAM_SERVICE_ERR
+An error occurred while the module was determining the user's name or tty, or the module could not open
+\fI/etc/securetty\fR.
+.TP 3n
+PAM_IGNORE
+The module could not find the user name in the
+\fI/etc/passwd\fR
+file to verify whether the user had a UID of 0. Therefore, the results of running this module are ignored.
+.SH "EXAMPLES"
+.PP
+
+.sp
+.RS 3n
+.nf
+auth required pam_securetty.so
+auth required pam_unix.so
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBsecuretty\fR(5),
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_securetty was written by Elliot Lee <sopwith@cuc.edu>.
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-26 12:17:07 +0000