table of contents
other sections
PAM_ABL(8) | Linux-PAM Manual | PAM_ABL(8) |
NAME
SYNOPSIS
DESCRIPTION
OPTIONS
Name | Arguments | Description |
debug | None | Enable debug output to syslog. |
expose_account | None | Ignored |
no_warn | None | Disable warnings which are otherwise output to syslog. try_first_pass None Ignored |
use_first_pass | None | Ignored |
use_mapped_pass | None | Ignored |
config | Path to the configuration file. | The configuration file contains additional arguments. In order for the pam_abl command line tool to work correctly most of the configuration should be placed in the config file rather than being provided by arguments. The format of the config file is described below. |
host_db | Path to host database file. | Path to the Berkeley DB which is used to log the host responsible for failed authentication attempts. |
host_purge | Purge time for the host database. | Defines how long failed hosts are retained in the host database. Defaults to 1 day. |
host_rule | Rule for host blacklisting. | The rule (see below for format) which defines the conditions under which a failed hosts will be blackisted. |
host_blk_cmd | Host block command | Command that should be run when a host is checked, and is currently blocked. Within the command, the strings %u, %h and %s are substituted with username, host and service. Not all need to be used. If substitution is called for, but there is no iformation for that field, the command will not run. |
host_clr_cmd | Host block command | Command that should be run when a host is checked, and is currently clear. Within the command, the strings %u, %h and %s are substituted with username, host and service. Not all need to be used. If substitution is called for, but there is no iformation for that field, the command will not run. |
user_db | Path to user database file. | Path to the Berkeley DB which is used to log the user responsible for failed authentication attempts. |
user_purge | Purge time for the user database. | Defines how long failed users are retained in the user database. Defaults to 1 day. |
user_rule | Rule for user blacklisting. | The rule (see below for format) which defines the conditions under which a failed users will be blackisted. |
user_blk_cmd | Host block command | Command that should be run when a user is checked, and is currently blocked. Within the command, the strings %u, %h and %s are substituted with username, host and service. Not all need to be used. If substitution is called for, but there is no iformation for that field, the command will not run. |
user_clr_cmd | Host block command | Command that should be run when a user is checked, and is currently clear. Within the command, the strings %u, %h and %s are substituted with username, host and service. Not all need to be used. If substitution is called for, but there is no iformation for that field, the command will not run. |
USAGE
EXAMPLES
auth required /lib/security/pam_env.so auth required /lib/security/pam_abl.so config=/etc/security/pam_abl.conf auth sufficient /lib/security/pam_unix.so likeauth nullok auth required /lib/security/pam_deny.so
SEE ALSO
AUTHORS
01/13/2010 | GNU |