1PAM_ROOTOK(8)                  Linux-PAM Manual                  PAM_ROOTOK(8)
2
3
4

NAME

6       pam_rootok - Gain only root access
7

SYNOPSIS

9       pam_rootok.so [debug]
10

DESCRIPTION

12       pam_rootok is a PAM module that authenticates the user if their UID is
13       0. Applications that are created setuid-root generally retain the UID
14       of the user but run with the authority of an enhanced effective-UID. It
15       is the real UID that is checked.
16

OPTIONS

18       debug
19           Print debug information.
20

MODULE TYPES PROVIDED

22       The auth, account and password module types are provided.
23

RETURN VALUES

25       PAM_SUCCESS
26           The UID is 0.
27
28       PAM_AUTH_ERR
29           The UID is not 0.
30

EXAMPLES

32       In the case of the su(1) application the historical usage is to permit
33       the superuser to adopt the identity of a lesser user without the use of
34       a password. To obtain this behavior with PAM the following pair of
35       lines are needed for the corresponding entry in the /etc/pam.d/su
36       configuration file:
37
38           # su authentication. Root is granted access by default.
39           auth  sufficient   pam_rootok.so
40           auth  required     pam_unix.so
41
42
43

SEE ALSO

45       su(1), pam.conf(5), pam.d(5), pam(8)
46

AUTHOR

48       pam_rootok was written by Andrew G. Morgan, <morgan@kernel.org>.
49
50
51
52Linux-PAM Manual                  11/25/2020                     PAM_ROOTOK(8)
Impressum