Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   8420 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

PAM_SECURETTY(8)	       Linux-PAM Manual		      PAM_SECURETTY(8)

NAME
       pam_securetty - Limit root login to special devices

SYNOPSIS
       pam_securetty.so [debug]

DESCRIPTION
       pam_securetty is a PAM module that allows root logins only if the user
       is logging in on a "secure" tty, as defined by the listing in
       /etc/securetty. pam_securetty also checks to make sure that
       /etc/securetty is a plain file and not world writable.

       This module has no effect on non-root users and requires that the
       application fills in the PAM_TTY item correctly.

       For canonical usage, should be listed as a required authentication
       method before any sufficient authentication methods.

OPTIONS
       debug
	  Print debug information.

MODULE SERVICES PROVIDED
       Only the auth service is supported.

RETURN VALUES
       PAM_SUCCESS
	  The user is allowed to continue authentication. Either the user is
	  not root, or the root user is trying to log in on an acceptable
	  device.

       PAM_AUTH_ERR
	  Authentication is rejected. Either root is attempting to log in via
	  an unacceptable device, or the /etc/securetty file is world writable
	  or not a normal file.

       PAM_INCOMPLETE
	  An application error occurred. pam_securetty was not able to get
	  information it required from the application that called it.

       PAM_SERVICE_ERR
	  An error occurred while the module was determining the user's name
	  or tty, or the module could not open /etc/securetty.

       PAM_IGNORE
	  The module could not find the user name in the /etc/passwd file to
	  verify whether the user had a UID of 0. Therefore, the results of
	  running this module are ignored.

EXAMPLES
	  auth	required  pam_securetty.so
	  auth	required  pam_unix.so

SEE ALSO
       securetty(5), pam.conf(5), pam.d(8), pam(8)

AUTHOR
       pam_securetty was written by Elliot Lee <sopwith@cuc.edu>.

Linux-PAM Manual		  06/04/2006		      PAM_SECURETTY(8)

Vote for polarhome