1PAM_USERTYPE(8) Linux-PAM PAM_USERTYPE(8)
2
3
4
6 pam_usertype - check if the authenticated user is a system or regular
7 account
8
10 pam_usertype.so [flag...] {condition}
11
13 pam_usertype.so is designed to succeed or fail authentication based on
14 type of the account of the authenticated user. The type of the account
15 is decided with help of SYS_UID_MIN and SYS_UID_MAX settings in
16 /etc/login.defs. One use is to select whether to load other modules
17 based on this test.
18
19 The module should be given only one condition as module argument.
20 Authentication will succeed only if the condition is met.
21
23 The following flags are supported:
24
25 use_uid
26 Evaluate conditions using the account of the user whose UID the
27 application is running under instead of the user being
28 authenticated.
29
30 audit
31 Log unknown users to the system log.
32
33 Available conditions are:
34
35 issystem
36 Succeed if the user is a system user.
37
38 isregular
39 Succeed if the user is a regular user.
40
42 All module types (account, auth, password and session) are provided.
43
45 PAM_SUCCESS
46 The condition was true.
47
48 PAM_BUF_ERR
49 Memory buffer error.
50
51 PAM_CONV_ERR
52 The conversation method supplied by the application failed to
53 obtain the username.
54
55 PAM_INCOMPLETE
56 The conversation method supplied by the application returned
57 PAM_CONV_AGAIN.
58
59 PAM_AUTH_ERR
60 The condition was false.
61
62 PAM_SERVICE_ERR
63 A service error occurred or the arguments can't be parsed
64 correctly.
65
66 PAM_USER_UNKNOWN
67 User was not found.
68
70 Skip remaining modules if the user is a system user:
71
72 account sufficient pam_usertype.so issystem
73
74
76 login.defs(5), pam(8)
77
79 Pavel Březina <pbrezina@redhat.com>
80
81
82
83Linux-PAM 09/03/2021 PAM_USERTYPE(8)