1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
.TH PAM_TMPDIR 8
.SH NAME
\fBpam_tmpdir\fP \- PAM module for creating a secure directory for users' temporary files
.SH SYNOPSIS
\fBpam_tmpdir.so\fP
.SH DESCRIPTION
This module can be plugged into the \fBsession\fP stack of a given service to
provide secure, per-user directories for temporary files.
.SH OPTIONS
The directory in which the users' temporary directories are created can be set
using an entry in /etc/security/tmpdir.conf:
.EX
tmpdir=/path/to/tmpdir
.EE
The default is /tmp/user.
.SH MODULE TYPES PROVIDED
Although this is intended to be used with the \fBsession\fP module type, it also
provides \fBaccount\fP, \fBauth\fP, and \fBpassword\fP module types.
.SH RETURN VALUES
.IP PAM_SUCCESS
The temporary directory was successfully created.
.IP PAM_ABORT
An error occurred when attempting to create the temporary directory.
.IP PAM_SERVICE_ERR
An internal error occurred.
.SH EXAMPLES
.PP
To allow users to login even if pam_tmpdir fails to create a safe tmpdir:
.IP
.EX
session optional pam_tmpdir.so
.EE
.PP
To deny login if an error occurs while setting up the safe tmpdir:
.IP
.EX
session required pam_tmpdir.so
.EE
.PP
\fINOTE\fP: This could allow for a DoS attack if a malicious user creates /tmp/user
before pam_tmpdir does.
.SH SEE ALSO
\fIpam-tmpdir-helper\fP\|(8)
.SH AUTHOR
Tollef Fog Heen <tfheen@err.no>
.SH COPYRIGHT
Copyright \(co 2002-2012 Tollef Fog Heen <tfheen@err.no>.
.BR
This is free software; see the source for copying conditions.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
