Visit The New, Modern Unix Linux Community

Linux and UNIX Man Pages

Test Your Knowledge in Computers #1001
Difficulty: Medium
Grace Brewster Murray Hopper was an American computer scientist and United States Navy rear admiral who found a moth in a computer stuck in a relay in 1947 and was later referred to as "Grandma COBOL" for her pioneering work in machine-independent programming languages.
True or False?
Linux & Unix Commands - Search Man Pages

pam_exec(8) [freebsd man page]

PAM_EXEC(8)						    BSD System Manager's Manual 					       PAM_EXEC(8)

NAME
pam_exec -- Exec PAM module SYNOPSIS
[service-name] module-type control-flag pam_exec [arguments] DESCRIPTION
The exec service module for PAM executes the program designated by its first argument if no options are specified, with its remaining argu- ments as command-line arguments. If options are specified, the program and its arguments follow the last option or -- if the program name conflicts with an option name. The following options may be passed before the program and its arguments: return_prog_exit_status Use the program exit status as the return code of the pam_sm_* function. It must be a valid return value for this function. -- Stop options parsing; program and its arguments follow. The child's environment is set to the current PAM environment list, as returned by pam_getenvlist(3). In addition, the following PAM items are exported as environment variables: PAM_RHOST, PAM_RUSER, PAM_SERVICE, PAM_SM_FUNC, PAM_TTY and PAM_USER. The PAM_SM_FUNC variable contains the name of the PAM service module function being called. It may be: - pam_sm_acct_mgmt - pam_sm_authenticate - pam_sm_chauthtok - pam_sm_close_session - pam_sm_open_session - pam_sm_setcred If return_prog_exit_status is not set (default), the PAM_SM_FUNC function returns PAM_SUCCESS if the program exit status is 0, PAM_PERM_DENIED otherwise. If return_prog_exit_status is set, the program exit status is used. It should be PAM_SUCCESS or one of the error codes allowed by the call- ing PAM_SM_FUNC function. The valid codes are documented in each function man page. If the exit status is not a valid return code, PAM_SERVICE_ERR is returned. Each valid codes numerical value is available as an environment variable (eg. PAM_SUCESS, PAM_USER_UNKNOWN, etc). This is useful in shell scripts for instance. SEE ALSO
pam_get_item(3), pam.conf(5), pam(8), pam_sm_acct_mgmt(8), pam_sm_authenticate(8), pam_sm_chauthtok(8), pam_sm_close_session(8), pam_sm_open_session(8), pam_sm_setcred(8) AUTHORS
The pam_exec module and this manual page were developed for the FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as part of the DARPA CHATS research program. BSD
February 8, 2012 BSD

Check Out this Related Man Page

PAM_EXEC(8)							 Linux-PAM Manual						       PAM_EXEC(8)

NAME
pam_exec - PAM module which calls an external command SYNOPSIS
pam_exec.so [debug] [expose_authtok] [seteuid] [quiet] [stdout] [log=file] [type=type] command [...] DESCRIPTION
pam_exec is a PAM module that can be used to run an external command. The child's environment is set to the current PAM environment list, as returned by pam_getenvlist(3) In addition, the following PAM items are exported as environment variables: PAM_RHOST, PAM_RUSER, PAM_SERVICE, PAM_TTY, PAM_USER and PAM_TYPE, which contains one of the module types: account, auth, password, open_session and close_session. Commands called by pam_exec need to be aware of that the user can have controll over the environment. OPTIONS
debug Print debug information. expose_authtok During authentication the calling command can read the password from stdin(3). log=file The output of the command is appended to file type=type Only run the command if the module type matches the given type. stdout Per default the output of the executed command is written to /dev/null. With this option, the stdout output of the executed command is redirected to the calling application. It's in the responsibility of this application what happens with the output. The log option is ignored. quiet Per default pam_exec.so will echo the exit status of the external command if it fails. Specifying this option will suppress the message. seteuid Per default pam_exec.so will execute the external command with the real user ID of the calling process. Specifying this option means the command is run with the effective user ID. MODULE TYPES PROVIDED
All module types (auth, account, password and session) are provided. RETURN VALUES
PAM_SUCCESS The external command was run successfully. PAM_SERVICE_ERR No argument or a wrong number of arguments were given. PAM_SYSTEM_ERR A system error occurred or the command to execute failed. PAM_IGNORE pam_setcred was called, which does not execute the command. Or, the value given for the type= parameter did not match the module type. EXAMPLES
Add the following line to /etc/pam.d/passwd to rebuild the NIS database after each local password change: password optional pam_exec.so seteuid /usr/bin/make -C /var/yp This will execute the command make -C /var/yp with effective user ID. SEE ALSO
pam.conf(5), pam.d(5), pam(8) AUTHOR
pam_exec was written by Thorsten Kukuk <kukuk@thkukuk.de> and Josh Triplett <josh@joshtriplett.org>. Linux-PAM Manual 09/19/2013 PAM_EXEC(8)

Featured Tech Videos