1.\" Copyright (c) 2001 Mark R V Murray
2.\" All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\"    notice, this list of conditions and the following disclaimer.
9.\" 2. Redistributions in binary form must reproduce the above copyright
10.\"    notice, this list of conditions and the following disclaimer in the
11.\"    documentation and/or other materials provided with the distribution.
12.\"
13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
23.\" SUCH DAMAGE.
24.\"
25.Dd June 10, 2007
26.Dt PAM_NOLOGIN 8
27.Os
28.Sh NAME
29.Nm pam_nologin
30.Nd NoLogin PAM module
31.Sh SYNOPSIS
32.Op Ar service-name
33.Ar module-type
34.Ar control-flag
35.Pa pam_nologin
36.Op Ar options
37.Sh DESCRIPTION
38The NoLogin service module for PAM,
39.Nm
40provides functionality for only one PAM category:
41account management.
42In terms of the
43.Ar module-type
44parameter, this is the
45.Dq Li account
46feature.
47.Ss NoLogin Account Management Module
48The NoLogin account management component,
49.Fn pam_sm_acct_mgmt ,
50verifies whether logins are administratively disabled via
51.Xr nologin 5 .
52It returns success if the user's login class has an "ignorenologin"
53capability specified in
54.Xr login.conf 5
55or the
56.Xr nologin 5
57file does not exist.
58If neither condition is met,
59then the contents of
60.Xr nologin 5
61are echoed
62before failure is returned.
63The location of
64.Xr nologin 5
65is specified by a "nologin" capability in
66.Xr login.conf 5 ,
67which defaults to
68.Pa /var/run/nologin .
69.Pp
70The following options may be passed to the module:
71.Bl -tag -width ".Cm no_warn"
72.It Cm debug
73.Xr syslog 3
74debugging information at
75.Dv LOG_DEBUG
76level.
77.It Cm no_warn
78suppress warning messages to the user.
79These messages include
80reasons why the user's
81login attempt was declined.
82.El
83.Sh SEE ALSO
84.Xr syslog 3 ,
85.Xr login.conf 5 ,
86.Xr nologin 5 ,
87.Xr pam.conf 5 ,
88.Xr pam 3
89