opensolaris man page for pam_deny

Opensolaris Man Pages All Man Pages Latest Topics Forum Categories

Query: pam_deny

OS: opensolaris

Section: 5

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

pam_deny(5)						Standards, Environments, and Macros					       pam_deny(5)


NAME

       pam_deny - PAM authentication, account, session and password management PAM module to deny operations


SYNOPSIS

       pam_deny.so.1


DESCRIPTION

       The pam_deny module implements all the PAM service module functions and returns the module type default failure return code for all calls.

       The following options are interpreted:

       debug	syslog(3C) debugging information at the LOG_AUTH|LOG_DEBUG levels


ERRORS

       The following error codes are returned:

       PAM_ACCT_EXPIRED    If pam_sm_acct_mgmt is called.

       PAM_AUTH_ERR	   If pam_sm_authenticate is called.

       PAM_AUTHOK_ERR	   If pam_sm_chauthtok is called.

       PAM_CRED_ERR	   If pam_sm_setcred is called.

       PAM_SESSION_ERR	   If pam_sm_open_session or pam_sm_close_session is called.


EXAMPLES

       Example 1 Disallowing ssh none authentication

	  sshd-none	 auth	    requisite	pam_deny.so.1
	  sshd-none	 account    requisite	pam_deny.so.1
	  sshd-none	 session    requisite	pam_deny.so.1
	  sshd-none	 password   requisite	pam_deny.so.1

       Example 2 Disallowing any service not explicitly defined

	  other 	 auth	    requisite	pam_deny.so.1
	  other 	 account    requisite	pam_deny.so.1
	  other 	 session    requisite	pam_deny.so.1
	  other 	 password   requisite	pam_deny.so.1


ATTRIBUTES

       See attributes(5) for a description of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+
       |MT Level		     |MT-Safe with exceptions	   |
       +-----------------------------+-----------------------------+


SEE ALSO

       su(1M), libpam(3LIB), pam(3PAM), pam_sm_authenticate(3PAM), syslog(3C), pam.conf(4), nsswitch.conf(4), attributes(5), pam_authtok_check(5),
       pam_authtok_get(5), pam_authtok_store(5), pam_dhkeys(5), pam_passwd_auth(5),  pam_unix_account(5),  pam_unix_auth(5),  pam_unix_session(5),
       privileges(5)


NOTES

       The interfaces in libpam(3LIB) are MT-Safe only if each thread within the multi-threaded application uses its own PAM handle.

       The  pam_deny  module  is intended to deny access to a specified service. The other service name may be used to deny access to services not
       explicitly specified.

SunOS 5.11							    16 Jun 2005 						       pam_deny(5)
Related Man Pages
pam_allow(5) - opensolaris
pam_unix_session(5) - plan9
pam_unix_session(5) - x11r4
pam_unix_session(5) - v7
pam_unix_session(5) - php
Similar Topics in the Unix Linux Community
sshdautoban 0.6 (Default branch)
Removing "Failed none for" error messages from sshd logs files
Doubt, sshd restart kills the session on Solaris 8,9,10
sshd autostart problem
Setting Up Google 2F Authentication for Automated (Crontab) rsync