
PAM_ABL(1) User Commands PAM_ABL(1)


NAME
 
pam_abl - query or purge the databases used by the pam_abl module.
 


SYNOPSIS
 
 
pam_abl [OPTION] [CONFIG]
 


DESCRIPTION
 
 
Provides a non-PAM interface to the information stored in the pam_abl module databases. CONFIG is the name of the pam_abl config file (default: /etc/security/pam_abl.conf). The config file is read to discover the names of the pam_abl databases, the rules that control purging of old data from them, and the commands to run when a user or host switches state.
 


OPTIONS
 
 


MAINTENANCE
 
-h, --help
See this message.
-p, --purge
Purge databases according to purge rules in config.
-r, --relative
Display times relative to now.
-v, --verbose
Verbose output.
 


NON-PAM INTERACTION
 
-f, --fail
Fail user or host.
-w, --whitelist
Perform whitelisting (remove from blacklist, does not provide immunity).
-c, --check
Check status. Returns non-zero if currently blocked. Prints name: status if verboseness is specified. If more than one host or user is given, checks only the first host/user pair.
-s, --service
Operate in context of specified service. Defaults to none.
-U, --user
Operate on user (wildcards are ok for whitelisting).
-H, --host
Operate on host (wildcards are ok for whitelisting).
 
If you specified commands to run in your configuration, those commands will try to run if the host or user switches state (blocked <-> clear) since the last time it was checked. The command will only be able to run, however, if you supply enough information to fill in the substitutions in the command. For instance, if your host_clr_command uses the %s parameter, you will need to specify the service with -s in order for the command to actually run.
 


EXAMPLES
 
 
Obtain a list of failed hosts and users:
 
$ pam_abl
 
Obtain a full list of failures listing times relative to now:
 
$ pam_abl -rv
$ pam_abl --relative --verbose
 
Purge old data:
 
$ pam_abl -p
$ pam_abl --purge
 
Unblock all example.com, somewhere.com hosts:
 
$ pam_abl -w -H \*.example.com -H \*.somewhere.com
 
Fail the host badguy.com and the user joe:
 
$ pam_abl -f -H badguy.com -U joe
 
Check whether joe is currently allowed to use your neato service from somehost, running the necessary commands if he switches state:
 
$ pam_abl -c -U joe -H somehost -s neato
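
Because --check only examines the first host/user pair it is given, checking several pairs needs one call per pair. The wrapper below is an added example, not part of the pam_abl distribution; the names PAM_ABL and check_pairs and the USER:HOST argument format are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not part of pam_abl. PAM_ABL and check_pairs are
# names chosen here; PAM_ABL lets you point at the installed binary.
PAM_ABL=${PAM_ABL:-pam_abl}

# check_pairs SERVICE USER:HOST [USER:HOST ...]
# Runs one "pam_abl -c" per pair, because a single call only checks the
# first host/user pair. Prints "user host clear|blocked" per pair and
# returns 1 if any pair is blocked or was rejected as malformed.
check_pairs() {
    service=$1
    shift
    abl_rc=0
    for pair in "$@"; do
        case $pair in
            -*|*:-*|:*|*:)
                # Empty or option-like values must never reach pam_abl.
                echo "invalid pair: $pair" >&2; abl_rc=1; continue ;;
            *:*) ;;
            *)  echo "invalid pair: $pair" >&2; abl_rc=1; continue ;;
        esac
        user=${pair%%:*}
        host=${pair#*:}
        # -s supplies the service so that state-change commands using %s
        # can run. Any non-zero exit is treated as blocked (fail closed).
        if "$PAM_ABL" -c -U "$user" -H "$host" -s "$service"; then
            echo "$user $host clear"
        else
            echo "$user $host blocked"
            abl_rc=1
        fi
    done
    return "$abl_rc"
}

# Usage: check_pairs neato joe:somehost joe:badguy.com
```

Each call can trigger the configured state-change commands, so run the wrapper with the same privileges and config file you would use for a manual pam_abl -c.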
 


AUTHORS
 
 
Andy Armstrong <andy@hexten.net>
 
Chris Tasma <pam-abl@deksai.com>
 


REPORTING BUGS
 
 
Report bugs to <pam-abl@deksai.com>
 


SEE ALSO
 
 
pam_abl.conf(5), pam_abl(8)
01/13/2010 GNU