1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
debug - Output lots of extra debugging info via syslog
no_warn - Do not print warning messages to STDOUT. (Equivalent to passing
the PAM_SILENT flag.)
use_first_pass, try_first_pass, use_mapped_pass - Nothing.
no_chroot - Don't really chroot, but do everything else normally.
use_regex - Treat the name field of the chroot.conf file as if it
were a regular expression.
use_ext_regex - Use extended regular expressions. Implies use_regex.
use_groups - Allow "@group" syntax for name field in chroot.conf
sec_checks - Check permissions and modes on conf files and chroot paths,
return PAM_SESSION_ERR if bad ownership/perms are found.
notfound=(success|failure) - Return PAM_SUCCESS or PAM_SESSION_ERR,
respectively, if the chroot_dir for the current user cannot be
determined. Default is to return PAM_SUCCESS.
onerr=(succeed|fail) - Return PAM_SUCCESS or PAM_SESSION_ERR,
respectively, if the chroot_dir for the current user cannot be
determined. Default is to return PAM_SUCCESS.
chroot_dir=<dir> - Specify the chroot_dir. Overrides anything that might
be in the chroot.conf file. In fact, chroot.conf won't even be
consulted.
|
