1PAM_ROOTOK(8)                  Linux-PAM Manual                  PAM_ROOTOK(8)
2
3
4

NAME

6       pam_rootok - Gain only root access
7

SYNOPSIS

9       pam_rootok.so [debug]
10

DESCRIPTION

12       pam_rootok is a PAM module that authenticates the user if their UID is
13       0. Applications that are created setuid-root generally retain the UID
14       of the user but run with the authority of an enhanced effective-UID. It
15       is the real UID that is checked.
16

OPTIONS

18       debug
19          Print debug information.
20

MODULE SERVICES PROVIDED

22       Only the auth service is supported.
23

RETURN VALUES

25       PAM_SUCCESS
26          The UID is 0.
27
28       PAM_AUTH_ERR
29          The UID is not 0.
30

EXAMPLES

32       In the case of the su(1) application the historical usage is to permit
33       the superuser to adopt the identity of a lesser user without the use of
34       a password. To obtain this behavior with PAM the following pair of
35       lines are needed for the corresponding entry in the /etc/pam.d/su
36       configuration file:
37
38          # su authentication. Root is granted access by default.
39          auth  sufficient   pam_rootok.so
40          auth  required     pam_unix.so
41
42
43

SEE ALSO

45       su(1), pam.conf(5), pam.d(8), pam(8)
46

AUTHOR

48       pam_rootok was written by Andrew G. Morgan, <morgan@kernel.org>.
49
50
51
52Linux-PAM Manual                  06/23/2006                     PAM_ROOTOK(8)
Impressum