1PAM_LOGINUID(8) Linux-PAM Manual PAM_LOGINUID(8)
2
6 pam_loginuid - Record user's login uid to the process attribute
7
9 pam_loginuid.so [require_auditd]
10
12 The pam_loginuid module sets the loginuid process attribute for the
13 process that was authenticated. This is necessary for applications to
14 be correctly audited. This PAM module should only be used for entry
15 point applications like: login, sshd, gdm, vsftpd, crond and atd. There
16 are probably other entry point applications besides these. You should
17 not use it for applications like sudo or su as that defeats the purpose
18 by changing the loginuid to the account they just switched to.
19
21 require_auditd
22 This option, when given, will cause this module to query the audit
23 daemon status and deny logins if it is not running.
24
26 Only the session module type is provided.
27
29 PAM_SUCCESS
30 The loginuid value is set and auditd is running if check requested.
31 PAM_IGNORE
33 The /proc/self/loginuid file is not present on the system or the
34 login process runs inside uid namespace and kernel does not support
35 overwriting loginuid.
36 PAM_SESSION_ERR
38 Any other error prevented setting loginuid or auditd is not
39 running.
40
42 #%PAM-1.0
43 auth required pam_unix.so
44 auth required pam_nologin.so
45 account required pam_unix.so
46 password required pam_unix.so
47 session required pam_unix.so
48 session required pam_loginuid.so
49
52 pam.conf(5), pam.d(5), pam(8), auditctl(8), auditd(8)
53
55 pam_loginuid was written by Steve Grubb <sgrubb@redhat.com>
56Linux-PAM Manual 09/03/2021 PAM_LOGINUID(8)