1.\" $NetBSD: pam_group.8,v 1.4 2005/02/02 14:34:25 wiz Exp $ 2.\" Copyright (c) 2003 Networks Associates Technology, Inc. 3.\" All rights reserved. 4.\" 5.\" Portions of this software were developed for the FreeBSD Project by 6.\" ThinkSec AS and NAI Labs, the Security Research Division of Network 7.\" Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 8.\" ("CBOSS"), as part of the DARPA CHATS research program. 9.\" 10.\" Redistribution and use in source and binary forms, with or without 11.\" modification, are permitted provided that the following conditions 12.\" are met: 13.\" 1. Redistributions of source code must retain the above copyright 14.\" notice, this list of conditions and the following disclaimer. 15.\" 2. Redistributions in binary form must reproduce the above copyright 16.\" notice, this list of conditions and the following disclaimer in the 17.\" documentation and/or other materials provided with the distribution. 18.\" 3. The name of the author may not be used to endorse or promote 19.\" products derived from this software without specific prior written 20.\" permission. 21.\" 22.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 23.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 26.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32.\" SUCH DAMAGE. 33.\" 34.\" $FreeBSD: src/lib/libpam/modules/pam_group/pam_group.8,v 1.3 2004/07/02 23:52:17 ru Exp $ 35.\" 36.Dd February 1, 2005 37.Dt PAM_GROUP 8 38.Os 39.Sh NAME 40.Nm pam_group 41.Nd Group PAM module 42.Sh SYNOPSIS 43.Op Ar service-name 44.Ar module-type 45.Ar control-flag 46.Pa pam_group 47.Op Ar arguments 48.Sh DESCRIPTION 49The group service module for PAM accepts or rejects users based on 50their membership in a particular file group. 51.Pp 52The following options may be passed to the 53.Nm 54module: 55.Bl -tag -width ".Cm fail_safe" 56.It Cm deny 57Reverse the meaning of the test, i.e., reject the applicant if and only 58if he or she is a member of the specified group. 59This can be useful to exclude certain groups of users from certain 60services. 61.It Cm fail_safe 62If the specified group does not exist, or has no members, act as if 63it does exist and the applicant is a member. 64.It Cm group Ns = Ns Ar groupname 65Specify the name of the group to check. 66The default is 67.Dq Li wheel . 68.It Cm root_only 69Skip this module entirely if the target account is not the superuser 70account. 71.It Cm authenticate 72The user is asked to authenticate using his own password. 73.El 74.Sh SEE ALSO 75.Xr pam.conf 5 , 76.Xr pam 8 77.Sh AUTHORS 78The 79.Nm 80module and this manual page were developed for the 81.Fx 82Project by 83ThinkSec AS and NAI Labs, the Security Research Division of Network 84Associates, Inc.\& under DARPA/SPAWAR contract N66001-01-C-8035 85.Pq Dq CBOSS , 86as part of the DARPA CHATS research program. 87