source-git / pam

Clone
Source Code
GIT

Files

c8 c8s master
  1.   c8
  2.   modules
  3.   pam_console
  4.   console.perms.5
Blob Blame History Raw 
.\" Copyright 1999,2005 Red Hat Software, Inc.
.\" Written by Michael K. Johnson <johnsonm@redhat.com>
.TH console.perms 5 2005/5/2 "Red Hat Software" "System Administrator's Manual"
.SH NAME
console.perms \- permissions control file for users at the system console
.SH DESCRIPTION
/etc/security/console.perms and .perms files in the 
/etc/security/console.perms.d directory determine the permissions that will be
given to priviledged users of the console at login time, and the
permissions to which to revert when the users log out.  They are
read by the pam_console_apply helper executable.

The format is:

\f(CR<\fBclass\fR\f(CR>=\fBspace-separated list of words\fR

\fBlogin-regexp\fR\fI|\fR\f(CR<\fBlogin-class\fR\f(CR> \fBperm dev-glob\fR\fI|\fR\f(CR<\fBdev-class\fR\f(CR> \e
.br
\f(CR        \fBrevert-mode revert-owner\fR\fI[\fR\fP.revert-group\fI]\fR

The \fBrevert-mode\fP, \fBrevert-owner\fP, and revert-group fields are optional,
and default to \fB0600\fP, \fBroot\fP, and \fBroot\fP, respectively.

The words in a class definition are evaluated as globs if they
refer to files, but as regular expressions if they apply to a
console definition.  Do not mix them.

Any line can be broken and continued on the next line by using a
\e character as the last character on the line.

The \fBlogin-class\fP class and the \fBlogin-regexp\fP word are evaluated as
regular expressions.
The \fBdev-class\fP and the \fBdev-glob\fP word are evaluated as
shell-style globs.  If a name given corresponds to a directory, and
if it is a mount point listed in \fI/etc/fstab\fP, the device node
associated with the filesystem mounted at that point will be
substituted in its place.

Classes are denoted by being contained in \f(CR<\fR angle bracket \f(CR>\fR
characters; a lack of \f(CR<\fR angle brackets \f(CR>\fR indicates that
the string is to be taken literally as a \fBlogin-regexp\fP or a
\fBdev-glob\fP, depending on its input position.
.SH "SEE ALSO"
.BR pam_console (8)
.br
.BR pam_console_apply (8)
.br
.BR console.apps (5)
.SH AUTHOR
Michael K. Johnson <johnsonm@redhat.com>

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation