pam_loginuid(8) System Administrator's Manual pam_loginuid(8)NAMEpam_loginuid - record user's login uid to the process attribute
SYNOPSIS
session required /lib/security/pam_loginuid.so
DESCRIPTIONpam_loginuid sets the loginuid process attribute for the process that
was authenticated. This is necessary for applications to be correctly
audited. This pam module should only be used for entry point applica‐
tions like: login, sshd, gdm, vsftpd, crond, at, and remote. There are
probably other entry point applications besides these. You should not
use it for applications like sudo or su as that defeats the purpose by
changing the loginuid to the account they just switched to.
ARGUMENTS
require_auditd
This option, when given, will cause this module to query the
audit daemon status and deny logins if it is not running.
EXAMPLE
/etc/pam.d/gdm:
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session required pam_loginuid.so
session optional pam_console.so
SEE ALSOauditd(8), auditctl(8)BUGS
Let's hope not, but if you find any, please email the author.
AUTHOR
Steve Grubb <sgrubb@redhat.com>
Red Hat Linux 2005/07/29 pam_loginuid(8)