1PAM_NOLOGIN(8)                 Linux-PAM Manual                 PAM_NOLOGIN(8)
2
3
4

NAME

6       pam_nologin - Prevent non-root users from login
7

SYNOPSIS

9       pam_nologin.so [file=/path/nologin] [successok]
10

DESCRIPTION

12       pam_nologin is a PAM module that prevents users from logging into the
13       system when /var/run/nologin or /etc/nologin exists. The contents of
14       the file are displayed to the user. The pam_nologin module has no
15       effect on the root user's ability to log in.
16

OPTIONS

18       file=/path/nologin
19           Use this file instead the default /var/run/nologin or /etc/nologin.
20
21       successok
22           Return PAM_SUCCESS if no file exists, the default is PAM_IGNORE.
23

MODULE TYPES PROVIDED

25       The auth and account module types are provided.
26

RETURN VALUES

28       PAM_AUTH_ERR
29           The user is not root and /etc/nologin exists, so the user is not
30           permitted to log in.
31
32       PAM_BUF_ERR
33           Memory buffer error.
34
35       PAM_IGNORE
36           This is the default return value.
37
38       PAM_SUCCESS
39           Success: either the user is root or the nologin file does not
40           exist.
41
42       PAM_USER_UNKNOWN
43           User not known to the underlying authentication module.
44

EXAMPLES

46       The suggested usage for /etc/pam.d/login is:
47
48           auth  required  pam_nologin.so
49
50
51

NOTES

53       In order to make this module effective, all login methods should be
54       secured by it. It should be used as a required method listed before any
55       sufficient methods in order to get standard Unix nologin semantics.
56       Note, the use of successok module argument causes the module to return
57       PAM_SUCCESS and as such would break such a configuration - failing
58       sufficient modules would lead to a successful login because the nologin
59       module succeeded.
60

SEE ALSO

62       nologin(5), pam.conf(5), pam.d(5), pam(8)
63

AUTHOR

65       pam_nologin was written by Michael K. Johnson <johnsonm@redhat.com>.
66
67
68
69Linux-PAM Manual                  09/03/2021                    PAM_NOLOGIN(8)
Impressum