Standards, Environments, and Macros pamdeny(5)
NAME
pamdeny - PAM authentication, account, session and password
management PAM module to deny operations
SYNOPSIS
pamdeny.so.1
DESCRIPTION
The pamdeny module implements all the PAM service module
functions and returns the module type default failure return
code for all calls.
The following options are interpreted:
debug syslog(3C) debugging information at the
LOGAUTHLOGDEBUG levels
ERORS
The following error codes are returned:
PAMACTEXPIRED If pamsmacctmgmt is called.
PAMAUTHER If pamsmauthenticate is called.
PAMAUTHOKER If pamsmchauthtok is called.
PAMCREDER If pamsmsetcred is called.
PAMSESIONER If pamsmopensession or
pamsmclosesession is called.
EXAMPLES
Example 1 Disallowing ssh none authentication
sshd-none auth requisite pamdeny.so.1
sshd-none account requisite pamdeny.so.1
sshd-none session requisite pamdeny.so.1
sshd-none password requisite pamdeny.so.1
Example 2 Disallowing any service not explicitly defined
other auth requisite pamdeny.so.1
SunOS 5.11 Last change: 16 Jun 2005 1
Standards, Environments, and Macros pamdeny(5)
other account requisite pamdeny.so.1
other session requisite pamdeny.so.1
other password requisite pamdeny.so.1
ATRIBUTES
See attributes(5) for a description of the following attri-
butes:
ATRIBUTE TYPE ATRIBUTE VALUE
Interface Stability Evolving
MT Level MT-Safe with exceptions
SEE ALSO
su(1M), libpam(3LIB), pam(3PAM), pamsmauthenticate(3PAM),
syslog(3C), pam.conf(4), nsswitch.conf(4), attributes(5),
pamauthtokcheck(5), pamauthtokget(5),
pamauthtokstore(5), pamdhkeys(5), pampasswdauth(5),
pamunixaccount(5), pamunixauth(5), pamunixsession(5),
privileges(5)
NOTES
The interfaces in libpam(3LIB) are MT-Safe only if each
thread within the multi-threaded application uses its own
PAM handle.
The pamdeny module is intended to deny access to a speci-
fied service. The other service name may be used to deny
access to services not explicitly specified.
SunOS 5.11 Last change: 16 Jun 2005 2
|
