FreeBSD Manual Pages
PAM_GROUP(8) BSD System Manager's Manual PAM_GROUP(8) NAME pam_group -- Group PAM module SYNOPSIS [service-name] module-type control-flag pam_group [arguments] DESCRIPTION The group service module for PAM accepts or rejects users based on their membership in a particular file group. pam_group provides functionality for two PAM categories: authentication and account management. In terms of the module-type parameter, they are the ``auth'' and ``account'' fea- tures. The following options may be passed to the pam_group module: deny Reverse the meaning of the test, i.e., reject the applicant if and only if he or she is a member of the specified group. This can be useful to exclude certain groups of users from certain services. fail_safe If the specified group does not exist, or has no members, act as if it does exist and the applicant is a member. group=groupname Specify the name of the group to check. The default is "wheel". luser Accept or reject based on the target user's group membership. root_only Skip this module entirely if the target account is not the su- peruser account. ruser Accept or reject based on the supplicant's group membership. This is the default. Note that the luser and ruser options are mutually exclusive, and that pam_group will fail if both are specified. SEE ALSO pam.conf(5), pam(8) AUTHORS The pam_group module and this manual page were developed for the FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research program. BSD July 19, 2014 BSD
NAME | SYNOPSIS | DESCRIPTION | SEE ALSO | AUTHORS
Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=pam_group&sektion=8&manpath=FreeBSD+13.0-RELEASE+and+Ports>