1PAM_ENV.CONF(5)                Linux-PAM Manual                PAM_ENV.CONF(5)
2
3
4

NAME

6       pam_env.conf, environment - the environment variables config files
7

DESCRIPTION

9       The /etc/security/pam_env.conf file specifies the environment variables
10       to be set, unset or modified by pam_env(8). When someone logs in, this
11       file is read and the environment variables are set according.
12
13       Each line starts with the variable name, there are then two possible
14       options for each variable DEFAULT and OVERRIDE. DEFAULT allows and
15       administrator to set the value of the variable to some default value,
16       if none is supplied then the empty string is assumed. The OVERRIDE
17       option tells pam_env that it should enter in its value (overriding the
18       default value) if there is one to use. OVERRIDE is not used, "" is
19       assumed and no override will be done.
20
21       VARIABLE [DEFAULT=[value]] [OVERRIDE=[value]]
22
23       (Possibly non-existent) environment variables may be used in values
24       using the ${string} syntax and (possibly non-existent) PAM_ITEMs as
25       well as HOME and SHELL may be used in values using the @{string}
26       syntax. Both the $ and @ characters can be backslash escaped to be used
27       as literal values values can be delimited with "", escaped " not
28       supported. Note that many environment variables that you would like to
29       use may not be set by the time the module is called. For example,
30       ${HOME} is used below several times, but many PAM applications don't
31       make it available by the time you need it. The special variables
32       @{HOME} and @{SHELL} are expanded to the values for the user from his
33       passwd entry.
34
35       The "#" character at start of line (no space at front) can be used to
36       mark this line as a comment line.
37
38       The /etc/environment file specifies the environment variables to be
39       set. The file must consist of simple NAME=VALUE pairs on separate
40       lines. The pam_env(8) module will read the file after the pam_env.conf
41       file.
42

EXAMPLES

44       These are some example lines which might be specified in
45       /etc/security/pam_env.conf.
46
47       Set the REMOTEHOST variable for any hosts that are remote, default to
48       "localhost" rather than not being set at all
49
50                 REMOTEHOST     DEFAULT=localhost OVERRIDE=@{PAM_RHOST}
51
52
53       Set the DISPLAY variable if it seems reasonable
54
55                 DISPLAY        DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY}
56
57
58       Now some simple variables
59
60                 PAGER          DEFAULT=less
61                 MANPAGER       DEFAULT=less
62                 LESS           DEFAULT="M q e h15 z23 b80"
63                 NNTPSERVER     DEFAULT=localhost
64                 PATH           DEFAULT=${HOME}/bin:/usr/local/bin:/bin\
65                 :/usr/bin:/usr/local/bin/X11:/usr/bin/X11
66                 XDG_DATA_HOME  @{HOME}/share/
67
68
69       Silly examples of escaped variables, just to show how they work.
70
71                 DOLLAR         DEFAULT=\$
72                 DOLLARDOLLAR   DEFAULT=        OVERRIDE=\$${DOLLAR}
73                 DOLLARPLUS     DEFAULT=\${REMOTEHOST}${REMOTEHOST}
74                 ATSIGN         DEFAULT=""      OVERRIDE=\@
75
76

SEE ALSO

78       pam_env(8), pam.d(5), pam(8), environ(7)
79

AUTHOR

81       pam_env was written by Dave Kinchlea <kinch@kinch.ark.com>.
82
83
84
85Linux-PAM Manual                  06/08/2020                   PAM_ENV.CONF(5)
Impressum