{"id":3737,"date":"2022-12-20T17:19:54","date_gmt":"2022-12-20T20:19:54","guid":{"rendered":"http:\/\/lode.uno\/linux-man\/index.php\/2022\/12\/20\/pam_nologin-man8\/"},"modified":"2022-12-20T17:19:54","modified_gmt":"2022-12-20T20:19:54","slug":"pam_nologin-man8","status":"publish","type":"post","link":"https:\/\/lode.uno\/linux-man\/2022\/12\/20\/pam_nologin-man8\/","title":{"rendered":"PAM_NOLOGIN (man8)"},"content":{"rendered":"<h1 align=\"center\">PAM_NOLOGIN<\/h1>\n<p> <a href=\"#NAME\">NAME<\/a><br \/> <a href=\"#SYNOPSIS\">SYNOPSIS<\/a><br \/> <a href=\"#DESCRIPTION\">DESCRIPTION<\/a><br \/> <a href=\"#OPTIONS\">OPTIONS<\/a><br \/> <a href=\"#MODULE TYPES PROVIDED\">MODULE TYPES PROVIDED<\/a><br \/> <a href=\"#RETURN VALUES\">RETURN VALUES<\/a><br \/> <a href=\"#EXAMPLES\">EXAMPLES<\/a><br \/> <a href=\"#NOTES\">NOTES<\/a><br \/> <a href=\"#SEE ALSO\">SEE ALSO<\/a><br \/> <a href=\"#AUTHOR\">AUTHOR<\/a> <\/p>\n<hr>\n<h2>NAME <a name=\"NAME\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">pam_nologin \u2212 Prevent non\u2212root users from login<\/p>\n<h2>SYNOPSIS <a name=\"SYNOPSIS\"><\/a> <\/h2>\n<table width=\"100%\" border=\"0\" rules=\"none\" frame=\"void\" cellspacing=\"0\" cellpadding=\"0\">\n<tr valign=\"top\" align=\"left\">\n<td width=\"11%\"><\/td>\n<td width=\"72%\">\n<p style=\"margin-top: 1em\"><b>pam_nologin.so<\/b> [file=<i>\/path\/nologin<\/i>] [successok]<\/p>\n<\/td>\n<td width=\"17%\"> <\/td>\n<\/tr>\n<\/table>\n<h2>DESCRIPTION <a name=\"DESCRIPTION\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">pam_nologin is a PAM module that prevents users from logging into the system when \/var\/run\/nologin or \/etc\/nologin exists. The contents of the file are displayed to the user. The pam_nologin module has no effect on the root user&#8217;s ability to log in.<\/p>\n<h2>OPTIONS <a name=\"OPTIONS\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\"><b>file=<\/b><i>\/path\/nologin<\/i><\/p>\n<p style=\"margin-left:17%;\">Use this file instead the default \/var\/run\/nologin or \/etc\/nologin.<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\"><b>successok<\/b><\/p>\n<p style=\"margin-left:17%;\">Return PAM_SUCCESS if no file exists, the default is PAM_IGNORE.<\/p>\n<h2>MODULE TYPES PROVIDED <a name=\"MODULE TYPES PROVIDED\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">The <b>auth<\/b> and <b>acct<\/b> module types are provided.<\/p>\n<h2>RETURN VALUES <a name=\"RETURN VALUES\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">PAM_AUTH_ERR<\/p>\n<p style=\"margin-left:17%;\">The user is not root and \/etc\/nologin exists, so the user is not permitted to log in.<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\">PAM_BUF_ERR<\/p>\n<p style=\"margin-left:17%;\">Memory buffer error.<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\">PAM_IGNORE<\/p>\n<p style=\"margin-left:17%;\">This is the default return value.<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\">PAM_SUCCESS<\/p>\n<p style=\"margin-left:17%;\">Success: either the user is root or the nologin file does not exist.<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\">PAM_USER_UNKNOWN<\/p>\n<p style=\"margin-left:17%;\">User not known to the underlying authentication module.<\/p>\n<h2>EXAMPLES <a name=\"EXAMPLES\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">The suggested usage for \/etc\/pam.d\/login is:<\/p>\n<p style=\"margin-left:17%; margin-top: 1em\">auth required pam_nologin.so<\/p>\n<h2>NOTES <a name=\"NOTES\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">In order to make this module effective, all login methods should be secured by it. It should be used as a <i>required<\/i> method listed before any <i>sufficient<\/i> methods in order to get standard Unix nologin semantics. Note, the use of <b>successok<\/b> module argument causes the module to return <i>PAM_SUCCESS<\/i> and as such would break such a configuration \u2212 failing <i>sufficient<\/i> modules would lead to a successful login because the nologin module <i>succeeded<\/i>.<\/p>\n<h2>SEE ALSO <a name=\"SEE ALSO\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\"><b>nologin<\/b>(5), <b>pam.conf<\/b>(5), <b>pam.d<\/b>(5), <b>pam<\/b>(8)<\/p>\n<h2>AUTHOR <a name=\"AUTHOR\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">pam_nologin was written by Michael K. Johnson <johnsonm@redhat.com>.<\/p>\n<hr>\n","protected":false},"excerpt":{"rendered":"<p>  pam_nologin \u2212 Prevent non\u2212root users from login <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[5,52,4,844],"class_list":["post-3737","post","type-post","status-publish","format-standard","hentry","category-8-administracion-del-sistema","tag-5","tag-administracion","tag-man8","tag-pam_nologin"],"gutentor_comment":0,"_links":{"self":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts\/3737","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/comments?post=3737"}],"version-history":[{"count":0,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts\/3737\/revisions"}],"wp:attachment":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/media?parent=3737"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/categories?post=3737"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/tags?post=3737"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}