pam_loginuid

Section: System Administrator's Manual (8)
Updated: 2005/07/29
Index Return to Main Contents
 

NAME

pam_loginuid - record user's login uid to the process attribute  

SYNOPSIS

session required /lib/security/pam_loginuid.so

 

DESCRIPTION

pam_loginuid sets the loginuid process attribute for the process that was authenticated. This is necessary for applications to be correctly audited. This pam module should only be used for entry point applications like: login, sshd, gdm, vsftpd, crond, at, and remote. There are probably other entry point applications besides these. You should not use it for applications like sudo or su as that defeats the purpose by changing the loginuid to the account they just switched to.

 

ARGUMENTS

require_auditd
This option, when given, will cause this module to query the audit daemon status and deny logins if it is not running.

 

EXAMPLE

/etc/pam.d/gdm:
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session required pam_loginuid.so
session optional pam_console.so

 

SEE ALSO

auditd(8), auditctl(8)

 

BUGS

Let's hope not, but if you find any, please email the author.

 

AUTHOR

Steve Grubb <sgrubb@redhat.com>


 

Index

NAME
SYNOPSIS
DESCRIPTION
ARGUMENTS
EXAMPLE
SEE ALSO
BUGS
AUTHOR

linux.jgfs.net manual pages