Annotation of elwix/config/etc/uboot/pam.d/README, revision 1.2
1.2 ! misho 1:
! 2: This directory contains configuration files for the Pluggable
! 3: Authentication Modules (PAM) library.
! 4:
! 5: Each file details the module chain for a single service, and must be
! 6: named after that service. If no configuration file is found for a
! 7: particular service, the /etc/pam.d/other is used instead. If that
! 8: file does not exist, /etc/pam.conf is searched for entries matching
! 9: the specified service or, failing that, the "other" service.
! 10:
! 11: See the pam(8) manual page for an explanation of the workings of the
! 12: PAM library and descriptions of the various files and modules. Below
! 13: is a summary of the format for the pam.conf and /etc/pam.d/* files.
! 14:
! 15: Configuration lines take the following form:
! 16:
! 17: module-type control-flag module-path arguments
! 18:
! 19: Comments are introduced with a hash mark ('#'). Blank lines and lines
! 20: consisting entirely of comments are ignored.
! 21:
! 22: The meanings of the different fields are as follows:
! 23:
! 24: module-type:
! 25: auth: prompt for a password to authenticate that the user is
! 26: who they say they are, and set any credentials.
! 27: account: non-authentication based authorization, based on time,
! 28: resources, etc.
! 29: session: housekeeping before and/or after login.
! 30: password: update authentication tokens.
! 31:
! 32: control-flag: How libpam handles success or failure of the module.
! 33: required: success is required; on failure all remaining
! 34: modules are run, but the request will be denied.
! 35: requisite: success is required, and on failure no remaining
! 36: modules are run.
! 37: sufficient: success is sufficient, and if no previous required
! 38: module failed, no remaining modules are run.
! 39: binding: success is sufficient; on failure all remaining
! 40: modules are run, but the request will be denied.
! 41: optional: ignored unless the other modules return PAM_IGNORE.
! 42:
! 43: arguments: Module-specific options, plus some generic ones:
! 44: debug: syslog debug info.
! 45: no_warn: return no warning messages to the application.
! 46: Remove this to feed back to the user the
! 47: reason(s) they are being rejected.
! 48: use_first_pass: try authentication using password from the
! 49: preceding auth module.
! 50: try_first_pass: first try authentication using password from
! 51: the preceding auth module, and if that fails
! 52: prompt for a new password.
! 53: use_mapped_pass: convert cleartext password to a crypto key.
! 54: expose_account: allow printing more info about the user when
! 55: prompting.
! 56:
! 57: Note that having a "sufficient" module as the last entry for a
! 58: particular service and module type may result in surprising behaviour.
! 59: To get the intended semantics, add a "required" entry listing the
! 60: pam_deny module at the end of the chain.
! 61:
! 62: $FreeBSD: src/etc/pam.d/README,v 1.5 2004/06/06 11:46:29 schweikh Exp $
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to README CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / elwix / config / etc / uboot / pam.d