{"id":3592,"date":"2022-12-20T17:09:06","date_gmt":"2022-12-20T20:09:06","guid":{"rendered":"http:\/\/lode.uno\/linux-man\/index.php\/2022\/12\/20\/pam_securetty-man8\/"},"modified":"2022-12-20T17:09:06","modified_gmt":"2022-12-20T20:09:06","slug":"pam_securetty-man8","status":"publish","type":"post","link":"https:\/\/lode.uno\/linux-man\/2022\/12\/20\/pam_securetty-man8\/","title":{"rendered":"PAM_SECURETTY (man8)"},"content":{"rendered":"

PAM_SECURETTY<\/h1>\n

NAME<\/a>
SYNOPSIS<\/a>
DESCRIPTION<\/a>
OPTIONS<\/a>
MODULE TYPES PROVIDED<\/a>
RETURN VALUES<\/a>
EXAMPLES<\/a>
SEE ALSO<\/a>
AUTHOR<\/a> <\/p>\n

\n

NAME <\/a> <\/h2>\n

pam_securetty \u2212 Limit root login to special devices<\/p>\n

SYNOPSIS <\/a> <\/h2>\n\n\n
<\/td>\n\n

pam_securetty.so<\/b> [debug]<\/p>\n<\/td>\n

 <\/td>\n<\/tr>\n<\/table>\n

DESCRIPTION <\/a> <\/h2>\n

pam_securetty is a PAM module that allows root logins only if the user is logging in on a “secure” tty, as defined by the listing in \/etc\/securetty. pam_securetty also checks to make sure that \/etc\/securetty is a plain file and not world writable. It will also allow root logins on the tty specified with console=<\/b> switch on the kernel command line and on ttys from the \/sys\/class\/tty\/console\/active.<\/p>\n

This module has no effect on non\u2212root users and requires that the application fills in the PAM_TTY<\/b> item correctly.<\/p>\n

For canonical usage, should be listed as a required<\/b> authentication method before any sufficient<\/b> authentication methods.<\/p>\n

OPTIONS <\/a> <\/h2>\n

debug<\/b><\/p>\n

Print debug information.<\/p>\n

noconsole<\/b><\/p>\n

Do not automatically allow root logins on the kernel console device, as specified on the kernel command line or by the sys file, if it is not also specified in the \/etc\/securetty file.<\/p>\n

MODULE TYPES PROVIDED <\/a> <\/h2>\n

Only the auth<\/b> module type is provided.<\/p>\n

RETURN VALUES <\/a> <\/h2>\n

PAM_SUCCESS<\/p>\n

The user is allowed to continue authentication. Either the user is not root, or the root user is trying to log in on an acceptable device.<\/p>\n

PAM_AUTH_ERR<\/p>\n

Authentication is rejected. Either root is attempting to log in via an unacceptable device, or the \/etc\/securetty file is world writable or not a normal file.<\/p>\n

PAM_INCOMPLETE<\/p>\n

An application error occurred. pam_securetty was not able to get information it required from the application that called it.<\/p>\n

PAM_SERVICE_ERR<\/p>\n

An error occurred while the module was determining the user’s name or tty, or the module could not open \/etc\/securetty.<\/p>\n

PAM_USER_UNKNOWN<\/p>\n

The module could not find the user name in the \/etc\/passwd file to verify whether the user had a UID of 0. Therefore, the results of running this module are ignored.<\/p>\n

EXAMPLES <\/a> <\/h2>\n

auth required pam_securetty.so
auth required pam_unix.so<\/p>\n

SEE ALSO <\/a> <\/h2>\n

securetty<\/b>(5), pam.conf<\/b>(5), pam.d<\/b>(5), pam<\/b>(8)<\/p>\n

AUTHOR <\/a> <\/h2>\n

pam_securetty was written by Elliot Lee .<\/p>\n

\n","protected":false},"excerpt":{"rendered":"

pam_securetty \u2212 Limit root login to special devices <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[5,52,4,708],"class_list":["post-3592","post","type-post","status-publish","format-standard","hentry","category-8-administracion-del-sistema","tag-5","tag-administracion","tag-man8","tag-pam_securetty"],"gutentor_comment":0,"_links":{"self":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts\/3592","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/comments?post=3592"}],"version-history":[{"count":0,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts\/3592\/revisions"}],"wp:attachment":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/media?parent=3592"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/categories?post=3592"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/tags?post=3592"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}