opensolaris man page for pam_deny

Opensolaris Man Pages All Man Pages Latest Topics Forum Categories

Query: pam_deny

OS: opensolaris

Section: 5

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

pam_deny(5)						Standards, Environments, and Macros					       pam_deny(5)


NAME

       pam_deny - PAM authentication, account, session and password management PAM module to deny operations


SYNOPSIS

       pam_deny.so.1


DESCRIPTION

       The pam_deny module implements all the PAM service module functions and returns the module type default failure return code for all calls.

       The following options are interpreted:

       debug	syslog(3C) debugging information at the LOG_AUTH|LOG_DEBUG levels


ERRORS

       The following error codes are returned:

       PAM_ACCT_EXPIRED    If pam_sm_acct_mgmt is called.

       PAM_AUTH_ERR	   If pam_sm_authenticate is called.

       PAM_AUTHOK_ERR	   If pam_sm_chauthtok is called.

       PAM_CRED_ERR	   If pam_sm_setcred is called.

       PAM_SESSION_ERR	   If pam_sm_open_session or pam_sm_close_session is called.


EXAMPLES

       Example 1 Disallowing ssh none authentication

	  sshd-none	 auth	    requisite	pam_deny.so.1
	  sshd-none	 account    requisite	pam_deny.so.1
	  sshd-none	 session    requisite	pam_deny.so.1
	  sshd-none	 password   requisite	pam_deny.so.1

       Example 2 Disallowing any service not explicitly defined

	  other 	 auth	    requisite	pam_deny.so.1
	  other 	 account    requisite	pam_deny.so.1
	  other 	 session    requisite	pam_deny.so.1
	  other 	 password   requisite	pam_deny.so.1


ATTRIBUTES

       See attributes(5) for a description of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+
       |MT Level		     |MT-Safe with exceptions	   |
       +-----------------------------+-----------------------------+


SEE ALSO

       su(1M), libpam(3LIB), pam(3PAM), pam_sm_authenticate(3PAM), syslog(3C), pam.conf(4), nsswitch.conf(4), attributes(5), pam_authtok_check(5),
       pam_authtok_get(5), pam_authtok_store(5), pam_dhkeys(5), pam_passwd_auth(5),  pam_unix_account(5),  pam_unix_auth(5),  pam_unix_session(5),
       privileges(5)


NOTES

       The interfaces in libpam(3LIB) are MT-Safe only if each thread within the multi-threaded application uses its own PAM handle.

       The  pam_deny  module  is intended to deny access to a specified service. The other service name may be used to deny access to services not
       explicitly specified.

SunOS 5.11							    16 Jun 2005 						       pam_deny(5)
Related Man Pages
pam_deny(5) - opensolaris
pam_unix_session(5) - opendarwin
pam_unix_session(5) - hpux
pam_unix_session(5) - centos
pam_unix_session(5) - x11r4
Similar Topics in the Unix Linux Community
Allow user@ip_good but deny user@any_other_ip in sshd.
Doubt, sshd restart kills the session on Solaris 8,9,10
sshd autostart problem
Sshd - error
Setting Up Google 2F Authentication for Automated (Crontab) rsync