The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

Интерактивная система просмотра системных руководств (man-ов)

 ТемаНаборКатегория 
 
 [Cписок руководств | Печать]

pam_ksu (8)
  • >> pam_ksu (8) ( FreeBSD man: Команды системного администрирования )

  • BSD mandoc
     

    NAME

    
    
    pam_ksu
    
     - Kerberos 5 SU PAM module
    
     
    

    SYNOPSIS

    [service-name ] module-type control-flag pam_ksu [options ]  

    DESCRIPTION

    The Kerberos 5 SU authentication service module for PAM, for only one PAM category: authentication. In terms of the module-type parameter, this is the ``auth '' feature. The module is specifically designed to be used with the su(1) utility.  

    Kerberos 5 SU Authentication Module

    The Kerberos 5 SU authentication component provides functions to verify the identity of a user (Fn pam_sm_authenticate ) and determine whether or not the user is authorized to obtain the privileges of the target account. If the target account is ``root'' then the Kerberos 5 principal used for authentication and authorization will be the ``root'' instance of the current user, e.g. ``user/[email protected] '' Otherwise, the principal will simply be the current user's default principal, e.g. ``[email protected] ''

    The user is prompted for a password if necessary. Authorization is performed by comparing the Kerberos 5 principal with those listed in the .k5login file in the target account's home directory (e.g. /root/.k5login for root).

    The following options may be passed to the authentication module:

    debug
    syslog(3) debugging information at LOG_DEBUG level.
    use_first_pass
    If the authentication module is not the first in the stack, and a previous module obtained the user's password, that password is used to authenticate the user. If this fails, the authentication module returns failure without prompting the user for a password. This option has no effect if the authentication module is the first in the stack, or if no previous modules obtained the user's password.
    try_first_pass
    This option is similar to the use_first_pass option, except that if the previously obtained password fails, the user is prompted for another password.

     

    SEE ALSO

    su(1), syslog(3), pam.conf5, pam(8)


     

    Index

    NAME
    SYNOPSIS
    DESCRIPTION
    Kerberos 5 SU Authentication Module
    SEE ALSO


    Поиск по тексту MAN-ов: 




    Партнёры:
    PostgresPro
    Inferno Solutions
    Hosting by Hoster.ru
    Хостинг:

    Закладки на сайте
    Проследить за страницей
    Created 1996-2024 by Maxim Chirkov
    Добавить, Поддержать, Вебмастеру