PAM_SEARCH_LIST(8) BSD System Manager's Manual PAM_SEARCH_LIST(8)NAMEpam_search_list — search_list PAM module
SYNOPSIS
[service-name] module-type control-flag pam_search_list [options]
DESCRIPTION
The search_list service module for PAM, pam_search_list provides func‐
tionality for only one PAM category: account management. In terms of the
module-type parameter, this is the “account” feature.
Search List Account Management Module
The search_list account management component (pam_sm_acct_mgmt()), suc‐
ceeds if and only if the user is listed in a file specified by its path
parameter.
The following options may be passed to the authentication module:
debug syslog(3) debugging information at LOG_DEBUG level.
no_warn suppress warning messages to the user. These messages include
reasons why the user's authentication attempt was declined.
path=filename
path to file to search for username. If file is not readable,
error is logged and user is considered to be not found.
Required parameter.
disallow reverse the semantics; pam_search_list will succeed if and only
if the user is not listed in filename specified by path parame‐
ter.
allow_root
do not automatically fail if the target user's UID is 0.
SEE ALSOpam.conf(5), pam(8)AUTHORS
The pam_search_list module and this manual page were developed by Victor
Popov and were based on pam_ftpusers module, which was developed for the
FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research Divi‐
sion of Network Associates, Inc. under DARPA/SPAWAR contract
N66001-01-C-8035 (“CBOSS”), as part of the DARPA CHATS research program.
BSD July 15, 2012 BSD
