pam_rootok(8) [osx man page]

pam_rootok(8)						    BSD System Manager's Manual 					     pam_rootok(8)

NAME

     pam_rootok -- Root OK PAM module

SYNOPSIS

     [service-name] function-class control-flag pam_rootok [options]

DESCRIPTION

     The Root OK PAM module supports the authentication function class.  In terms of the function-class parameter, this is the ``auth'' class.

     The Root OK authentication module always returns success for the superuser without prompting for a password.

     The following option may be passed to this authentication module:

     debug	 Debug information will be printed to the system log.

SEE ALSO

     pam.conf(5), pam(8)

BSD
								 February 7, 2009							       BSD

PAM_ROOTOK(8)							 Linux-PAM Manual						     PAM_ROOTOK(8)

NAME

       pam_rootok - Gain only root access

SYNOPSIS

       pam_rootok.so [debug]

DESCRIPTION

       pam_rootok is a PAM module that authenticates the user if their UID is 0. Applications that are created setuid-root generally retain the
       UID of the user but run with the authority of an enhanced effective-UID. It is the real UID that is checked.

OPTIONS

       debug
	   Print debug information.

MODULE TYPES PROVIDED

       The auth, acct and password module types are provided.

RETURN VALUES

       PAM_SUCCESS
	   The UID is 0.

       PAM_AUTH_ERR
	   The UID is not 0.

EXAMPLES

       In the case of the su(1) application the historical usage is to permit the superuser to adopt the identity of a lesser user without the use
       of a password. To obtain this behavior with PAM the following pair of lines are needed for the corresponding entry in the /etc/pam.d/su
       configuration file:

	   # su authentication. Root is granted access by default.
	   auth  sufficient   pam_rootok.so
	   auth  required     pam_unix.so

SEE ALSO

       su(1), pam.conf(5), pam.d(5), pam(7)

AUTHOR

       pam_rootok was written by Andrew G. Morgan, <morgan@kernel.org>.

Linux-PAM Manual						    06/04/2011							     PAM_ROOTOK(8)