1 |
.\" $MidnightBSD$ |
2 |
.\" Copyright (c) 2001 Mark R V Murray |
3 |
.\" All rights reserved. |
4 |
.\" Copyright (c) 2001 Networks Associates Technology, Inc. |
5 |
.\" All rights reserved. |
6 |
.\" |
7 |
.\" Portions of this software were developed for the FreeBSD Project by |
8 |
.\" ThinkSec AS and NAI Labs, the Security Research Division of Network |
9 |
.\" Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 |
10 |
.\" ("CBOSS"), as part of the DARPA CHATS research program. |
11 |
.\" |
12 |
.\" Redistribution and use in source and binary forms, with or without |
13 |
.\" modification, are permitted provided that the following conditions |
14 |
.\" are met: |
15 |
.\" 1. Redistributions of source code must retain the above copyright |
16 |
.\" notice, this list of conditions and the following disclaimer. |
17 |
.\" 2. Redistributions in binary form must reproduce the above copyright |
18 |
.\" notice, this list of conditions and the following disclaimer in the |
19 |
.\" documentation and/or other materials provided with the distribution. |
20 |
.\" 3. The name of the author may not be used to endorse or promote |
21 |
.\" products derived from this software without specific prior written |
22 |
.\" permission. |
23 |
.\" |
24 |
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND |
25 |
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
26 |
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
27 |
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE |
28 |
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
29 |
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
30 |
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
31 |
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
32 |
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
33 |
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
34 |
.\" SUCH DAMAGE. |
35 |
.\" |
36 |
.\" $FreeBSD: stable/10/lib/libpam/modules/pam_rhosts/pam_rhosts.8 131504 2004-07-02 23:52:20Z ru $ |
37 |
.\" |
38 |
.Dd December 5, 2001 |
39 |
.Dt PAM_RHOSTS 8 |
40 |
.Os |
41 |
.Sh NAME |
42 |
.Nm pam_rhosts |
43 |
.Nd Rhosts PAM module |
44 |
.Sh SYNOPSIS |
45 |
.Op Ar service-name |
46 |
.Ar module-type |
47 |
.Ar control-flag |
48 |
.Pa pam_rhosts |
49 |
.Op Ar options |
50 |
.Sh DESCRIPTION |
51 |
The rhosts authentication service module for PAM, |
52 |
.Nm |
53 |
provides functionality for only one PAM category: |
54 |
authentication. |
55 |
In terms of the |
56 |
.Ar module-type |
57 |
parameter, this is the |
58 |
.Dq Li auth |
59 |
feature. |
60 |
.Ss Rhosts Authentication Module |
61 |
The Rhosts authentication component |
62 |
.Pq Fn pam_sm_authenticate , |
63 |
returns success if and only if the target user's UID is not 0 and the |
64 |
remote host and user are listed in |
65 |
.Pa /etc/hosts.equiv |
66 |
or in the target user's |
67 |
.Pa ~/.rhosts . |
68 |
.Pp |
69 |
The following options may be passed to the authentication module: |
70 |
.Bl -tag -width ".Cm allow_root" |
71 |
.It Cm debug |
72 |
.Xr syslog 3 |
73 |
debugging information at |
74 |
.Dv LOG_DEBUG |
75 |
level. |
76 |
.It Cm no_warn |
77 |
suppress warning messages to the user. |
78 |
These messages include reasons why the user's authentication attempt |
79 |
was declined. |
80 |
.It Cm allow_root |
81 |
do not automatically fail if the target user's UID is 0. |
82 |
.El |
83 |
.Sh SEE ALSO |
84 |
.Xr hosts.equiv 5 , |
85 |
.Xr pam.conf 5 , |
86 |
.Xr pam 8 |
87 |
.Sh AUTHORS |
88 |
The |
89 |
.Nm |
90 |
module and this manual page were developed for the |
91 |
.Fx |
92 |
Project by |
93 |
ThinkSec AS and NAI Labs, the Security Research Division of Network |
94 |
Associates, Inc.\& under DARPA/SPAWAR contract N66001-01-C-8035 |
95 |
.Pq Dq CBOSS , |
96 |
as part of the DARPA CHATS research program. |