| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135 |
- <?xml version="1.0" encoding='UTF-8'?>
- <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
- "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
- <refentry id="pam_deny">
- <refmeta>
- <refentrytitle>pam_deny</refentrytitle>
- <manvolnum>8</manvolnum>
- <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
- </refmeta>
- <refnamediv id="pam_deny-name">
- <refname>pam_deny</refname>
- <refpurpose>The locking-out PAM module</refpurpose>
- </refnamediv>
- <refsynopsisdiv>
- <cmdsynopsis id="pam_deny-cmdsynopsis">
- <command>pam_deny.so</command>
- </cmdsynopsis>
- </refsynopsisdiv>
- <refsect1 id="pam_deny-description">
- <title>DESCRIPTION</title>
- <para>
- This module can be used to deny access. It always indicates a failure
- to the application through the PAM framework. It might be suitable
- for using for default (the <emphasis>OTHER</emphasis>) entries.
- </para>
- </refsect1>
- <refsect1 id="pam_deny-options">
- <title>OPTIONS</title>
- <para>This module does not recognise any options.</para>
- </refsect1>
- <refsect1 id="pam_deny-types">
- <title>MODULE TYPES PROVIDED</title>
- <para>
- All module types (<option>account</option>, <option>auth</option>,
- <option>password</option> and <option>session</option>) are provided.
- </para>
- </refsect1>
- <refsect1 id='pam_deny-return_values'>
- <title>RETURN VALUES</title>
- <para>
- <variablelist>
- <varlistentry>
- <term>PAM_AUTH_ERR</term>
- <listitem>
- <para>
- This is returned by the account and auth services.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>PAM_CRED_ERR</term>
- <listitem>
- <para>
- This is returned by the setcred function.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>PAM_AUTHTOK_ERR</term>
- <listitem>
- <para>
- This is returned by the password service.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>PAM_SESSION_ERR</term>
- <listitem>
- <para>
- This is returned by the session service.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- </para>
- </refsect1>
- <refsect1 id='pam_deny-examples'>
- <title>EXAMPLES</title>
- <programlisting>
- #%PAM-1.0
- #
- # If we don't have config entries for a service, the
- # OTHER entries are used. To be secure, warn and deny
- # access to everything.
- other auth required pam_warn.so
- other auth required pam_deny.so
- other account required pam_warn.so
- other account required pam_deny.so
- other password required pam_warn.so
- other password required pam_deny.so
- other session required pam_warn.so
- other session required pam_deny.so
- </programlisting>
- </refsect1>
- <refsect1 id='pam_deny-see_also'>
- <title>SEE ALSO</title>
- <para>
- <citerefentry>
- <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
- </citerefentry>,
- <citerefentry>
- <refentrytitle>pam.d</refentrytitle><manvolnum>5</manvolnum>
- </citerefentry>,
- <citerefentry>
- <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
- </citerefentry>
- </para>
- </refsect1>
- <refsect1 id='pam_deny-author'>
- <title>AUTHOR</title>
- <para>
- pam_deny was written by Andrew G. Morgan <morgan@kernel.org>
- </para>
- </refsect1>
- </refentry>
|
