pam_stack(8) System Administrator's Manual pam_stack(8)NAME
pam_stack - recurse into other PAM stacks
SYNOPSIS
auth required /lib/security/pam_stack.so service=foo
session optional /lib/security/pam_stack.so service=foo
password optional /lib/security/pam_stack.so service=foo
account optional /lib/security/pam_stack.so service=foo
DESCRIPTION
In a nutshell, pam_stack lets you "call", from inside of the stack for a particular service, the stack defined for any another service.
The intention is to allow multiple services to "include" a system-wide setup, so that when that setup needs to be changed, it need only be
changed in one place.
ARGUMENTS
debug turns on debugging via syslog(3).
service=name
tells pam_stack.so to execute the stack defined for the service name, which will usually be another file in /etc/pam.d.
EXAMPLE
/etc/pam.d/imap:
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_shells.so
/etc/pam.d/system-auth:
auth sufficient /lib/security/pam_krb5.so
auth sufficient /lib/security/pam_unix.so shadow nullok
auth required /lib/security/pam_deny.so
CAVEAT
Because recursion is fully supported, there is potential to really break things by having a stack call itself either directly or via mutual
recursion.
BUGS
Let's hope not, but if you find any, please email the author.
AUTHOR
Nalin Dahyabhai <nalin@redhat.com>
Red Hat Linux 2001/01/30 pam_stack(8)
Check Out this Related Man Page
PAM_DENY(8) Linux-PAM Manual PAM_DENY(8)NAME
pam_deny - The locking-out PAM module
SYNOPSIS
pam_deny.so
DESCRIPTION
This module can be used to deny access. It always indicates a failure to the application through the PAM framework. It might be suitable
for using for default (the OTHER) entries.
OPTIONS
This module does not recognise any options.
MODULE TYPES PROVIDED
All module types (account, auth, password and session) are provided.
RETURN VALUES
PAM_AUTH_ERR
This is returned by the account and auth services.
PAM_CRED_ERR
This is returned by the setcred function.
PAM_AUTHTOK_ERR
This is returned by the password service.
PAM_SESSION_ERR
This is returned by the session service.
EXAMPLES
#%PAM-1.0
#
# If we don't have config entries for a service, the
# OTHER entries are used. To be secure, warn and deny
# access to everything.
other auth required pam_warn.so
other auth required pam_deny.so
other account required pam_warn.so
other account required pam_deny.so
other password required pam_warn.so
other password required pam_deny.so
other session required pam_warn.so
other session required pam_deny.so
SEE ALSO pam.conf(5), pam.d(5), pam(7)AUTHOR
pam_deny was written by Andrew G. Morgan <morgan@kernel.org>
Linux-PAM Manual 06/04/2011 PAM_DENY(8)
Hi Guys !
I am very new to this forum, but I have, for the past year been reading the coms inside. It looks very helpful for peeps like me who like to try many things, don't mind the hard work, but just don't know where to start.
I will start with an easy one (I think)
I am trying to set up... (3 Replies)
I would really like to work within security in the I.T industry,
though I am not sure what my next step should be.
I can not afford a security course at this point in time. I have
been reading books and catching up with security tips as
much as I can from the Internet. Though I feel I can... (6 Replies)
Hi,
If i have given to write a prog for factorial in C using recursion and without
recursion which one is better in what condition and why ?
thanks (2 Replies)
Hello,
I'm experimenting a problem on my rh server.
Red Hat Enterprise Linux AS release 3 (Taroon Update 8)
2.4.21-47.ELsmp #1 SMP i686 i686 i386 GNU/Linux
It started with a segmentation fault on
#id root
To resolve it, I've installed
coreutils-4.5.3-28.4.i386.rpm
But, I... (6 Replies)
How serious is this hacking...
I noticed if I went to Delicious' https login page via my user page (http://delicious.com/) then Firefox always gave a 'there is unencrypted content included in this https page' warning, and further that if I attempted to then log in the cursor jumps back up to the... (9 Replies)
void main() {
long ((long)(&array));
int x;
for (;;)
{
(array) =+ 1023;
printf("%c", array);
}
}
What is wrong with this code to print Linux RAM? (13 Replies)
Hello,
I've been asked to look this up and I'm having issue finding it. We are currently harding our servers and I'm new to SUSE 11. The security people at work want me to disable the portmapper service.
How do you disable the portmapper service?
Thanks
... (3 Replies)
Hi,
i have the following config in the system-auth files
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so
account required ... (2 Replies)
Hello everyone,
I hope I'm posting my question in the right section as it is not too easy to find the ideal spot for this one, especially for a brandspankingnew user of this forum. As this might be something simple I chose the Dummy section. By all means, feel free to move the post if not at... (4 Replies)
Good day. I have setup hardening the password (test system so far) prior to doing any work on production. Here is what I have set.
Snippet from /etc/pam.d/system-auth
auth required /lib/security/$ISA/pam_env.so
auth required /lib/security/$ISA/pam_tally.so... (3 Replies)
OS version : RHEL 6.5
Below is an excerpt from /etc/security/limits.conf file for OS User named appusr in our server
appusr soft nproc 2047
appusr hard nproc 16384
What will happen if appusr has already spawned 2047 processes and wants to spawn 2048th process ?
I just want to know... (3 Replies)
Hello,
We are planning to setup a Role based access and security to our Linux servers. We can use mostly use sudo for providing the limited access to service and files.
My query is that how can we manage that members can edit/access only specific files (it would be 1 or multiple files or... (3 Replies)