pam_nologin(8) BSD System Manager's Manual pam_nologin(8)NAME
pam_nologin -- No Login PAM module
SYNOPSIS
[service-name] function-class control-flag pam_nologin [options]
DESCRIPTION
The No Login PAM module supports the account management function class. In terms of the function-class parameter, this is the ``account''
class.
The No Login authentication module always returns success for the superuser, and returns success for all other users if the file /etc/nologin
does not exist. If /etc/nologin does exist, then its contents are echoed to non-superusers before failure is returned.
FILES
/etc/nologin A message to denied users.
SEE ALSO nologin(8), pam.conf(5), pam(8), pwpolicy(8)BSD February 7, 2009 BSD
Check Out this Related Man Page
PAM_NOLOGIN(8) Linux-PAM Manual PAM_NOLOGIN(8)NAME
pam_nologin - Prevent non-root users from login
SYNOPSIS
pam_nologin.so [file=/path/nologin] [successok]
DESCRIPTION
pam_nologin is a PAM module that prevents users from logging into the system when /var/run/nologin or /etc/nologin exists. The contents of
the file are displayed to the user. The pam_nologin module has no effect on the root user's ability to log in.
OPTIONS
file=/path/nologin
Use this file instead the default /var/run/nologin or /etc/nologin.
successok
Return PAM_SUCCESS if no file exists, the default is PAM_IGNORE.
MODULE TYPES PROVIDED
The auth and acct module types are provided.
RETURN VALUES
PAM_AUTH_ERR
The user is not root and /etc/nologin exists, so the user is not permitted to log in.
PAM_BUF_ERR
Memory buffer error.
PAM_IGNORE
This is the default return value.
PAM_SUCCESS
Success: either the user is root or the nologin file does not exist.
PAM_USER_UNKNOWN
User not known to the underlying authentication module.
EXAMPLES
The suggested usage for /etc/pam.d/login is:
auth required pam_nologin.so
NOTES
In order to make this module effective, all login methods should be secured by it. It should be used as a required method listed before any
sufficient methods in order to get standard Unix nologin semantics. Note, the use of successok module argument causes the module to return
PAM_SUCCESS and as such would break such a configuration - failing sufficient modules would lead to a successful login because the nologin
module succeeded.
SEE ALSO nologin(5), pam.conf(5), pam.d(5), pam(8)AUTHOR
pam_nologin was written by Michael K. Johnson <johnsonm@redhat.com>.
Linux-PAM Manual 09/19/2013 PAM_NOLOGIN(8)
Can someone tell me how I would enable Rexec on a UNIX machine? And is the procedure different on the different systems - Solaris, HP-UX -etc.
Thanks~!!
mike (1 Reply)
Hi. As root, I'm running rsh as root from a Solaris 9 machine to some RHEL 4 servers (supposedly all configured identically) but two of about 10 respond with permission denied. There is no firewall device between the Solaris 9 client and the RHEL servers.
I'm doing something like this from the... (4 Replies)
I have a Rhel 3 machine.
I can login to it through telnet.
The config files /etc/ssh/sshd_config and /etc/ssh/ssh_config has not been modified.
But the IP address of the system was changed. Could this be issue?
It was earlier configured for passwordless login(dsa).
I tried moving the... (4 Replies)
Hi,
I have recently taken control of a number of RHEL5.3 servers that have samba shares setup on them and are authenticating using pam and winbind. My issue is that any user that has an active directory account can currently log in to the linux boxes using their ad credentials. I need to... (0 Replies)
For some reason i cannot login using root or other accounts on my Linux system.
When logging in at the main console it says "Authentication failed" in a dialog box with an OK button.
The Linux system is Redhat 4.7.
I've already checked /etc/pam.d/login, /etc/security/access.conf and ... (27 Replies)
Please I am having problem to login using Active Directory Services 2008 R2 accounts on a cubox ubuntu (2.6.32.9-dove-5.4.2 #46). "getent passwd" only shows local users, however I can querry ADS users using ldapsearch command.
I have 2 systems, one that does not use gdm can login with all users... (0 Replies)
Please I am having problem to login using Windows 2008 R2 Active Directory Services accounts on a cubox ubuntu (2.6.32.9-dove-5.4.2 #46). "getent passwd" only shows local users, however I can querry ADS users using ldapsearch command.
I have 2 systems, one that does not use gdm can login with all... (1 Reply)
Hi,
I am trying to enable rexec to automate certain tasks(it has to be rexec, not ssh or any other due to the system environment), so after switching to linux, I followed the certain instructions that were laid out in the web.
My operating system is fedora 17, so I first installed the... (1 Reply)
hi
I have configured rsh-server and running rsh command on my fedora 14 machine while executing it shows permission denied, below is the output of the same.
# rsh localhost date
Permission denied.
#
but same works in other system
# rsh localhost date
Fri Nov 23 05:31:12 PST... (5 Replies)
Hi,
I have a server running RHEL 6.0.
While logging in through root ,I can login.But if I try to login through "integ" user,I am unable to login.
/var/log/secure messages:::
May 20 15:25:23 punsyncserv su: pam_unix(su-l:session): session opened for user integ by root(uid=0)
May 20 15:29:44... (4 Replies)
Our Network Security folks have mandated that we "Kerberize" our systems to allow them to perform an authenticated scan. This consists of instructions to change /etc/pam.d/sshd from:
# sshd: auth account password session
auth optional pam_krb5.so use_kcminit
auth optional ... (0 Replies)
I've got a problem with a proxy configuration. We have an LDAP group that lists all users who are authorised to use the proxy to FTP (usually Filezilla) out to the world, and by implication those not in the group should be denied. My users are delighted that this has been enabled and those that... (9 Replies)
I have Windows AD server and all of the linux computers are joined to AD.
Recently, 2FA has been activated, I wish to exclude some of the domain service accounts from 2FA
# less /etc/pam_radius_acl.conf
sshd:*
# /etc/pam.d/sshd
auth required pam_sepermit.so
auth requisite... (0 Replies)