pam_unix_account(7) 맨 페이지 - 윈디하나의 솔라나라

개요

섹션
맨 페이지 이름
검색(S)

pam_unix_account(7)

Standards, Environments, Macros, Character Sets, and miscellany
                                                           pam_unix_account(7)



NAME
       pam_unix_account - PAM account management module for UNIX

SYNOPSIS
       pam_unix_account.so.1

DESCRIPTION
       The  pam_unix_account  module implements pam_sm_acct_mgmt(), which pro‐
       vides functionality to the PAM account management  stack.  This  module
       provides functions to:

           o      Validate  that an authenticated user is allowed to log in to
                  the local user account by checking that the account  is  not
                  locked or expired


           o      The  user's password has not expired and does not need to be
                  changed


           o      Validate that the user is permitted to access the  PAM  ser‐
                  vice at the current time and day of the week.


           o      The user's account has not been inactive for too long


           o      The /etc/nologin file is not present for non-root users (see
                  nologin(5))



       The pam_unix_account module retrieves account information from the con‐
       figured databases in nsswitch.conf(5).


       The following options can be passed to the module:

       debug            syslog(3C)  debugging  information  at  the  LOG_DEBUG
                        level


       nowarn           Turn off warning messages


       server_policy    If the account authority for the user, as specified by
                        PAM_USER,  is  a  server, do not apply the UNIX policy
                        from the passwd entry in the name service switch.


ERRORS
       The following values are returned:

       PAM_UNIX_ACCOUNT        User account has expired


       PAM_AUTHTOK_EXPIRED     Password expired and no longer usable


       PAM_BUF_ERR             Memory buffer error


       PAM_IGNORE              Ignore module, not participating in result


       PAM_NEW_AUTHTOK_REQD    Obtain new authentication token from the user


       PAM_PERM_DENIED         The account is locked or has been inactive  for
                               too  long  or  is  not permitted at the current
                               time and day of the week


       PAM_SERVICE_ERR         Error in underlying service module


       PAM_SUCCESS             The account is valid for use at this time


       PAM_USER_UNKNOWN        No account is present for the user


       PAM_LOGINS_DISABLED     Logins for non-root users are disabled  due  to
                               the  presence  of  the  /etc/nologin  file. See
                               nologin(5).


ATTRIBUTES
       See attributes(7) for descriptions of the following attributes:


       tab() box; cw(2.75i) |cw(2.75i) lw(2.75i) |lw(2.75i) ATTRIBUTE  TYPEAT‐
       TRIBUTE  VALUE  _  Interface  StabilityCommitted _ MT LevelMT-Safe with
       exceptions


SEE ALSO
       syslog(3C),  libpam(3LIB),  pam(3PAM),   pam_authenticate(3PAM),   nss‐
       witch.conf(5), pam.conf(5), attributes(7)

NOTES
       The  interfaces  in libpam(3LIB) are MT-Safe only if each thread within
       the multi-threaded application uses its own PAM handle.


       Attempts to validate locked accounts are logged via syslog(3C)  to  the
       LOG_AUTH facility with a LOG_NOTICE severity.



Oracle Solaris 11.4               11 May 2021              pam_unix_account(7)
맨 페이지 내용의 저작권은 맨 페이지 작성자에게 있습니다.
RSS ATOM XHTML 5 CSS3