1pam_unix_account(5)   Standards, Environments, and Macros  pam_unix_account(5)
2
3
4

NAME

6       pam_unix_account - PAM account management module for UNIX
7

SYNOPSIS

9       pam_unix_account.so.1
10
11

DESCRIPTION

13       pam_unix_account  module  implements pam_sm_acct_mgmt(), which provides
14       functionality to the PAM account management stack. The module  provides
15       functions  to validate that the user's account is not locked or expired
16       and that the user's password does not need to be  changed.  The  module
17       retrieves  account  information  from  the configured databases in nss‐
18       witch.conf(4).
19
20
21       The following options can be passed to the module:
22
23       debug            syslog(3C)  debugging  information  at  the  LOG_DEBUG
24                        level
25
26
27       nowarn           Turn off warning messages
28
29
30       server_policy    If the account authority for the user, as specified by
31                        PAM_USER, is a server, do not apply  the  Unix  policy
32                        from the passwd entry in the name service switch.
33
34

ERRORS

36       The following values are returned:
37
38       PAM_UNIX_ACCOUNT        User account has expired
39
40
41       PAM_AUTHTOK_EXPIRED     Password expired and no longer usable
42
43
44       PAM_BUF_ERR             Memory buffer error
45
46
47       PAM_IGNORE              Ignore module, not participating in result
48
49
50       PAM_NEW_AUTHTOK_REQD    Obtain new authentication token from the user
51
52
53       PAM_PERM_DENIED         The  account is locked or has been inactive for
54                               too long
55
56
57       PAM_SERVICE_ERR         Error in underlying service module
58
59
60       PAM_SUCCESS             The account is valid for use at this time
61
62
63       PAM_USER_UNKNOWN        No account is present for the user
64
65

ATTRIBUTES

67       See attributes(5) for descriptions of the following attributes:
68
69
70
71
72       ┌─────────────────────────────┬─────────────────────────────┐
73       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
74       ├─────────────────────────────┼─────────────────────────────┤
75       │Interface Stability          │Evolving                     │
76       ├─────────────────────────────┼─────────────────────────────┤
77       │MT Level                     │MT-Safe with exceptions      │
78       └─────────────────────────────┴─────────────────────────────┘
79

SEE ALSO

81       pam(3PAM),    pam_authenticate(3PAM),     syslog(3C),     libpam(3LIB),
82       pam.conf(4), nsswitch.conf(4), attributes(5)
83

NOTES

85       The  interfaces  in libpam(3LIB) are MT-Safe only if each thread within
86       the multi-threaded application uses its own PAM handle.
87
88
89       Attempts to validate locked accounts are logged via syslog(3C)  to  the
90       LOG_AUTH facility with a LOG_NOTICE severity.
91
92
93
94SunOS 5.11                        14 Feb 2005              pam_unix_account(5)
Impressum