Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

pam_deny(5) [opensolaris man page]

pam_deny(5)						Standards, Environments, and Macros					       pam_deny(5)

NAME

       pam_deny - PAM authentication, account, session and password management PAM module to deny operations

SYNOPSIS

       pam_deny.so.1

DESCRIPTION

       The pam_deny module implements all the PAM service module functions and returns the module type default failure return code for all calls.

       The following options are interpreted:

       debug	syslog(3C) debugging information at the LOG_AUTH|LOG_DEBUG levels

ERRORS

       The following error codes are returned:

       PAM_ACCT_EXPIRED    If pam_sm_acct_mgmt is called.

       PAM_AUTH_ERR	   If pam_sm_authenticate is called.

       PAM_AUTHOK_ERR	   If pam_sm_chauthtok is called.

       PAM_CRED_ERR	   If pam_sm_setcred is called.

       PAM_SESSION_ERR	   If pam_sm_open_session or pam_sm_close_session is called.

EXAMPLES

       Example 1 Disallowing ssh none authentication

	  sshd-none	 auth	    requisite	pam_deny.so.1
	  sshd-none	 account    requisite	pam_deny.so.1
	  sshd-none	 session    requisite	pam_deny.so.1
	  sshd-none	 password   requisite	pam_deny.so.1

       Example 2 Disallowing any service not explicitly defined

	  other 	 auth	    requisite	pam_deny.so.1
	  other 	 account    requisite	pam_deny.so.1
	  other 	 session    requisite	pam_deny.so.1
	  other 	 password   requisite	pam_deny.so.1

ATTRIBUTES

       See attributes(5) for a description of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+
       |MT Level		     |MT-Safe with exceptions	   |
       +-----------------------------+-----------------------------+

SEE ALSO

       su(1M), libpam(3LIB), pam(3PAM), pam_sm_authenticate(3PAM), syslog(3C), pam.conf(4), nsswitch.conf(4), attributes(5), pam_authtok_check(5),
       pam_authtok_get(5), pam_authtok_store(5), pam_dhkeys(5), pam_passwd_auth(5),  pam_unix_account(5),  pam_unix_auth(5),  pam_unix_session(5),
       privileges(5)

NOTES

       The interfaces in libpam(3LIB) are MT-Safe only if each thread within the multi-threaded application uses its own PAM handle.

       The  pam_deny  module  is intended to deny access to a specified service. The other service name may be used to deny access to services not
       explicitly specified.

SunOS 5.11							    16 Jun 2005 						       pam_deny(5)

Check Out this Related Man Page

pam_unix_session(5)                                     Standards, Environments, and Macros                                    pam_unix_session(5)

NAME

       pam_unix_session - session management PAM module for UNIX

SYNOPSIS

       pam_unix_session.so.1

DESCRIPTION

       The pam_unix_session module implements pam_sm_open_session(3PAM) and pam_sm_close_session(3PAM).

       pam_sm_open_session()  updates  the  /var/adm/lastlog  file  with the information contained in the PAM_USER, PAM_TTY, and PAM_RHOSTS items.
       pam_unix_account(5) uses this account to determine the previous time the user logged in.

       pam_sm_close_session() is a null function.

       The following options can be passed to the module:

       debug           syslog(3C) debugging information at the LOG_DEBUG level

ERRORS

       Upon successful completion, PAM_SUCCESS is returned.  The following error codes are returned upon error:

       PAM_SESSION_ERR         Cannot make or remove the entry for the specified session (PAM_TTY is not present).

       PAM_USER_UNKNOWN        No account is present for user.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE         |      ATTRIBUTE VALUE        |
       +-----------------------------+-----------------------------+
       |Interface Stability          |Evolving                     |
       +-----------------------------+-----------------------------+
       |MT Level                     |MT-Safe with exceptions      |
       +-----------------------------+-----------------------------+

SEE ALSO

       pam(3PAM), pam_authenticate(3PAM), syslog(3C), libpam(3LIB), pam.conf(4), nsswitch.conf(4), attributes(5), pam_authtok_check(5),  pam_auth-
       tok_get(5), pam_authtok_store(5), pam_dhkeys(5), pam_passwd_auth(5), pam_unix_account(5),pam_unix_auth(5),

NOTES

       The interfaces in libpam(3LIB) are MT-Safe only if each thread within the multi-threaded application uses its own PAM handle.

       The  pam_unix(5)  module  is  no longer supported. Similar functionality is provided by pam_authtok_check(5), pam_authtok_get(5), pam_auth-
       tok_store(5), pam_dhkeys(5), pam_passwd_auth(5), pam_unix_account(5), pam_unix_auth(5), and pam_unix_session(5).

SunOS 5.10                                                          9 Sept 2004                                                pam_unix_session(5)
Man Page