pam_script

Section: Misc. Reference Manual Pages (5)
Updated: 10 October 2005
Index Return to Main Contents
 

pam_script

pam-script - A PAM that runs a script at the start or end of a session  

SYNOPSIS

session required pam-script.so [options]
auth required pam-script.so [options]
 

DESCRIPTION

This manual page briefly documents the pam-script PAM.

pam-script.so is a pam module that implements session management. It optionally runs a session open script (/etc/security/onsessionopen), a session close script (/etc/security/onsessionclose) or an authentication script (/etc/security/onauth) if they exist. Alternatively any other script can be executed using the options onsessionopen=/path/to/script, onsessionclose=/path/to/script and onauth=/path/to/script.  

OPTIONS


runas=username
Run onsessionopen and onsessionclose as the specified user username

onsessionopen=path
Run path instead of /etc/security/onsessionopen

onsessionclose=path
Run path instead of /etc/security/onsessionclose

expose=integer
Bitmask that determines what information in the pam_environment to expose to the script's environment. Set this to 1 to expose PAM_AUTHTOK and 2 to expose KRB5CCNAME (the kerberos ticket cache). Remember that exposing PAM_AUTHTOK may be dangerous.

 

AUTHOR

This manual page was written by Izak Burger <isburger@gmail.com>, for the Debian GNU/Linux system (but may be used by others).


 

Index

pam_script
SYNOPSIS
DESCRIPTION
OPTIONS
AUTHOR

linux.jgfs.net manual pages