1PAM_SECURETTY(8) Linux-PAM Manual PAM_SECURETTY(8)
2
6 pam_securetty - Limit root login to special devices
7
9 pam_securetty.so [debug]
10
12 pam_securetty is a PAM module that allows root logins only if the user
13 is logging in on a "secure" tty, as defined by the listing in
14 /etc/securetty. pam_securetty also checks to make sure that
15 /etc/securetty is a plain file and not world writable.
16 This module has no effect on non-root users and requires that the
18 application fills in the PAM_TTY item correctly.
19 For canonical usage, should be listed as a required authentication
21 method before any sufficient authentication methods.
22
24 debug
25 Print debug information.
26
28 Only the auth module type is provided.
29
31 PAM_SUCCESS
32 The user is allowed to continue authentication. Either the user is
33 not root, or the root user is trying to log in on an acceptable
34 device.
35 PAM_AUTH_ERR
37 Authentication is rejected. Either root is attempting to log in via
38 an unacceptable device, or the /etc/securetty file is world
39 writable or not a normal file.
40 PAM_INCOMPLETE
42 An application error occurred. pam_securetty was not able to get
43 information it required from the application that called it.
44 PAM_SERVICE_ERR
46 An error occurred while the module was determining the userĀ“s name
47 or tty, or the module could not open /etc/securetty.
48 PAM_USER_UNKNOWN
50 The module could not find the user name in the /etc/passwd file to
51 verify whether the user had a UID of 0. Therefore, the results of
52 running this module are ignored.
53
55 auth required pam_securetty.so
56 auth required pam_unix.so
57
61 securetty(5), pam.conf(5), pam.d(5), pam(8)
62
64 pam_securetty was written by Elliot Lee <sopwith@cuc.edu>.
65Linux-PAM Manual 03/02/2009 PAM_SECURETTY(8)