PAM_LOCALUSER(8) Linux-PAM Manual PAM_LOCALUSER(8)NAMEpam_localuser - require users to be listed in /etc/passwdSYNOPSISpam_localuser.so [debug] [file=/path/passwd]DESCRIPTIONpam_localuser is a PAM module to help implementing site-wide login policies, where they typically include a subset of the network's users and a few accounts that are local to a particular workstation. Using pam_localuser and pam_wheel or pam_listfile is an effective way to restrict access to either local users and/or a subset of the network's users. This could also be implemented using pam_listfile.so and a very short awk script invoked by cron, but it's common enough to have been separated out.OPTIONSdebug Print debug information. file=/path/passwd Use a file other than /etc/passwd.MODULE TYPES PROVIDEDAll module types (account, auth, password and session) are provided.RETURN VALUESPAM_SUCCESS The new localuser was set successfully. PAM_SERVICE_ERR No username was given. PAM_USER_UNKNOWN User not known.EXAMPLESAdd the following line to /etc/pam.d/su to allow only local users in group wheel to use su. account sufficient pam_localuser.so account required pam_wheel.soFILES/etc/passwd Local user account information.SEE ALSOpam.conf(5), pam.d(5), pam(7)AUTHORpam_localuser was written by Nalin Dahyabhai <nalin@redhat.com>. Linux-PAM Manual 06/04/2011 PAM_LOCALUSER(8)