NAME
pam_securetty
- SecureTTY PAM module
SYNOPSIS
[service-name]
module-type
control-flag
pam_securetty
[options]
DESCRIPTION
The SecureTTY service module for PAM
provides functionality for only one PAM category:
account management.
In terms of the
module-type
parameter, this is the
``
account
''
feature.
It also provides null functions for authentication and session
management.
SecureTTY Account Management Module
The SecureTTY account management component
(pam_sm_acct_mgmt(
)),
returns failure if the user is attempting to authenticate as superuser,
and the process is attached to an insecure TTY.
In all other cases, the module returns success.
A TTY is considered secure if it is listed in
/etc/ttys
and has the
TTY_SECURE
flag set.
The following options may be passed to the authentication module:
- debug
-
syslog(3)
debugging information at
LOG_DEBUG
level.
- no_warn
-
suppress warning messages to the user.
These messages include
reasons why the user's
authentication attempt was declined.
SEE ALSO
getttynam(3),
syslog(3),
pam.conf(5),
ttys(5),
pam(8)