." make the size of the head bigger \$* \$1

\l’75u’

." make the size of the head bigger

Name

pam-config - Adjust common PAM config files

Synopsis

pam-config [--debug] [--list-modules] [--service service-name] -a | -c | -d | -q [-f] [module-name]
pam-config --version

DESCRIPTION

pam-config adjusts predefined PAM config files.

OPTIONS

COMMON OPTIONS

--debug

Print debug messages.

-f, --force

The new configuration will be activated regardless if there are other local changes.

--list-modules

Prints out a list of all supported modules to stdout.

--nullok

Add nullok to all modules which support this.

--pam-debug

Add debug to all modules which support this.

MODIFIER OPTIONS

Use the following options to specifiy the action you want pam-config to apply. They need to be followed by a supported module option. See the section called \(lqSUPPORTED PAM MODULES\(rq.

-a, --add

Add options or new PAM modules to existing PAM configuration files.

-c, --create

Create new PAM configuration files for plain UNIX authentication, overwriting existing ones.

-d, --delete

Remove options or PAM modules from existing PAM configuration files.

-q, --query

Print a list of types and the corresponding module options for the queried PAM module.

--verify

Do some sanity checks on the current common PAM configuration files.

SUPPORTED PAM MODULES

This is a list of modules supported by pam-config. They are split into two categories: global and single service modules.

GLOBAL MODULES

The global modules get inserted into the common-{account,auth,password,session} files which are included by the single service files.

--apparmor

Enable/Disable pam_apparmor.so

--apparmor-debug

Add debug option to all pam_apparmor.so invocations.

--ccreds

Enable/Disable pam_ccreds.so

--cracklib

Enable/Disable pam_cracklib.so

--cracklib-debug

Add debug option to all pam_cracklib.so invocations.

--cracklib-authtok_type=value

Add authtok_type=value option to pam_cracklib.so.

--cracklib-retry=value

Add retry=value option to pam_cracklib.so.

--cracklib-difok=value

Add difok=value option to pam_cracklib.so.

--cracklib-difignore=value

Add difignore=value option to pam_cracklib.so.

--cracklib-minlen=value

Add minlen=value option to pam_cracklib.so.

--cracklib-dcredit=value

Add dcredit=value option to pam_cracklib.so.

--cracklib-ucredit=value

Add ucredit=value option to pam_cracklib.so.

--cracklib-lcredit=value

Add lcredit=value option to pam_cracklib.so.

--cracklib-ocredit=value

Add ocredit=value option to pam_cracklib.so.

--cracklib-minclass=value

Add minclass=value option to pam_cracklib.so.

--cracklib-dictpath=value

Add dictpath=value option to pam_cracklib.so.

--env

Enable/Disable pam_env.so

--env-debug

Add debug option to all pam_env.so invocations.

--env-conffile=value

Add conffile=value option to pam_env.so.

--env-envfile=value

Add envfile=value option to pam_env.so.

--env-readenv=value

Add readenv=value option to pam_env.so.

--fp

Enable/Disable pam_fp.so

--fp-debug

Add debug option to all pam_fp.so invocations.

--gnome_keyring

Enable/Disable pam_gnome_keyring.so

--gnome_keyring-auto_start

Add auto_start option to all pam_gnome_keyring.so invocations.

--gnome_keyring-only_if=value

Add only_if=value option to pam_gnome_keyring.so.

--group

Enable/Disable pam_group.so

--krb5

Enable/Disable pam_krb5.so

--krb5-debug

Add debug option to all pam_krb5.so invocations.

--krb5-ignore_unknown_principals

Add ignore_unknown_principals option to all pam_krb5.so invocations.

--krb5-minimum_uid=value

Add minimum_uid=value option to pam_krb5.so.

--ldap

Enable/Disable pam_ldap.so

--ldap-debug

Add debug option to all pam_ldap.so invocations.

--limits

Enable/Disable pam_limits.so

--limits-debug

Add debug option to all pam_limits.so invocations.

--limits-change_uid

Add change_uid option to all pam_limits.so invocations.

--limits-utmp_early

Add utmp_early option to all pam_limits.so invocations.

--limits-conf=value

Add conf=value option to pam_limits.so.

--localuser

Enable/Disable pam_localuser.so

--localuser-debug

Add debug option to all pam_localuser.so invocations.

--localuser-file=value

Add file=value option to pam_localuser.so.

--make

Enable/Disable pam_make.so

--make-debug

Add debug option to all pam_make.so invocations.

--make-nosetuid

Add nosetuid option to all pam_make.so invocations.

--make-make=value

Add make=value option to pam_make.so.

--make-log=value

Add log=value option to pam_make.so.

--make-option=value

Add option=value option to pam_make.so.

--mkhomedir

Enable/Disable pam_mkhomedir.so

--mkhomedir-debug

Add debug option to all pam_mkhomedir.so invocations.

--mkhomedir-silent

Add silent option to all pam_mkhomedir.so invocations.

--mkhomedir-umask=value

Add umask=value option to pam_mkhomedir.so.

--mkhomedir-skel=value

Add skel=value option to pam_mkhomedir.so.

--nam

Enable/Disable pam_nam.so

--pkcs11

Enable/Disable pam_pkcs11.so

--pkcs11-debug

Add debug option to all pam_pkcs11.so invocations.

--pkcs11-configfile=value

Add configfile=value option to pam_pkcs11.so.

--pwcheck

Enable/Disable pam_pwcheck.so module in password section.

--pwcheck-debug

Add debug option to all pam_pwcheck.so invocations.

--pwcheck-nullok

Add nullok option to all pam_pwcheck.so invocations.

--pwcheck-cracklib

Add cracklib option to pam_pwcheck.so.

--pwcheck-no_obscure_checks

Add no_obscure_checks option to pam_pwcheck.so.

--pwcheck-enforce_for_root

Add enforce_for_root option to pam_pwcheck.so.

--pwcheck-cracklib_path=path

Add cracklib_path=path to pam_pwcheck.so.

--pwcheck-maxlen=N

Add maxlen=N to pam_pwcheck.so.

--pwcheck-minlen=N

Add minlen=N to pam_pwcheck.so.

--pwcheck-tries=N

Add tries=N to pam_pwcheck.so.

--pwcheck-remember=N

Add remember=N to pam_pwcheck.so.

--pwhistory

Enable/Disable pam_pwhistory.so

--pwhistory-debug

Add debug option to all pam_pwhistory.so invocations.

--pwhistory-use_authtok

Add use_authtok option to all pam_pwhistory.so invocations.

--pwhistory-enforce_for_root

Add enforce_for_root option to all pam_pwhistory.so invocations.

--pwhistory-remember=value

Add remember=value option to pam_pwhistory.so.

--pwhistory-retry=value

Add retry=value option to pam_pwhistory.so.

--pwhistory-authtok_type=value

Add authtok_type=value option to pam_pwhistory.so.

--selinux

Enable/Disable pam_selinux.so

--selinux-debug

Add debug option to all pam_selinux.so invocations.

--ssh

Enable/Disable pam_ssh.so

--ssh-debug

Add debug option to all pam_ssh.so invocations.

--ssh-nullok

Add nullok option to all pam_ssh.so invocations.

--ssh-try_first_pass

Add try_first_pass option to all pam_ssh.so invocations.

--ssh-keyfiles=value

Add keyfiles=value option to pam_ssh.so.

--thinkfinger

Enable/Disable pam_thinkfinger.so

--thinkfinger-debug

Add debug option to all pam_thinkfinger.so invocations.

--umask

Add pam_umask.so as optional session module.

--umask-debug

Add debug option to all pam_umask.so invocations in session management.

--umask-silent

Add silent option to all pam_umask.so invocations in session management.

--umask-usergroups

Add usergroups option to all pam_umask.so invocations in session management.

--umask-umask=mode

Add umask=mode to pam_umask.so.

--unix

Enable/Disable pam_unix.so

--unix-debug

Add debug option to all pam_unix.so invocations.

--unix-audit

Add audit option to all pam_unix.so invocations.

--unix-nodelay

Add nodelay option to all pam_unix.so invocations.

--unix-nullok

Add nullok option to all pam_unix.so invocations.

--unix-shadow

Add shadow option to all pam_unix.so invocations.

--unix-md5

Add md5 option to all pam_unix.so invocations.

--unix-bigcrypt

Add bigcrypt option to all pam_unix.so invocations.

--unix-not_set_pass

Add not_set_pass option to all pam_unix.so invocations.

--unix-nis

Add nis option to all pam_unix.so invocations.

--unix-broken_shadow

Add broken_shadow option to all pam_unix.so invocations.

--unix-remember=value

Add remember=value option to pam_unix.so.

--unix2

Use pam_unix2.so as standard UNIX PAM module.

--unix2-nullok

Add nullok option to all pam_unix2.so invocations.

--unix2-debug

Add debug option to all pam_unix2.so invocations.

--unix2-trace

Add trace option to pam_unix2.so.

--unix2-none

Add option none to pam_unix2.so.

--unix2-call_modules=modules,...

Add call_modules=list of modules to pam_unix2.so.

--unix2-nisdir=path

Add nisdir=path to pam_unix2.so.

--winbind

Enable/Disable pam_winbind.so

--winbind-debug

Add debug option to all pam_winbind.so invocations.

SINGLE SERVICE MODULES

These modules can only be added to single service files. See also the section called \(lq \$* \$* \(rq.

--ck_connector

Enable/Disable pam_ck_connector.so

--ck_connector-debug

Add debug option to all pam_ck_connector.so invocations.

--cryptpass

Enable/Disable pam_cryptpass.so

--csync

Enable/Disable pam_csync.so

--csync-use_first_pass

Add use_first_pass option to all pam_csync.so invocations.

--csync-try_first_pass

Add try_first_pass option to all pam_csync.so invocations.

--csync-soft_try_pass

Add soft_try_pass option to all pam_csync.so invocations.

--csync-nullok

Add nullok option to all pam_csync.so invocations.

--csync-debug

Add debug option to all pam_csync.so invocations.

--csync-silent

Add silent option to all pam_csync.so invocations.

--lastlog

Enable/Disable pam_lastlog.so

--lastlog-debug

Add debug option to all pam_lastlog.so invocations.

--lastlog-silent

Add silent option to all pam_lastlog.so invocations.

--lastlog-never

Add never option to all pam_lastlog.so invocations.

--lastlog-nodate

Add nodate option to all pam_lastlog.so invocations.

--lastlog-nohost

Add nohost option to all pam_lastlog.so invocations.

--lastlog-noterm

Add noterm option to all pam_lastlog.so invocations.

--lastlog-nowtmp

Add nowtmp option to all pam_lastlog.so invocations.

--lastlog-noupdate

Add noupdate option to all pam_lastlog.so invocations.

--lastlog-showfailed

Add showfailed option to all pam_lastlog.so invocations.

--loginuid

Enable/Disable pam_loginuid.so

--loginuid-require_auditd

Add require_auditd option to all pam_loginuid.so invocations.

--mount

Enable/Disable pam_mount.so

USAGE EXAMPLES

pam-config -q --unix2

Query state of pam_unix2.so.

pam-config -a --ldap

Enable ldap authentication.

pam-config --service gdm -a --mount

Enable pam_mount.so for service gdm.

pam-config --debug -a --force --umask

Enable pam_umask.so whether installed or not, and print debug information during the process.

SEE ALSO

PAM(8), pam_unix2(8), pam_pwcheck(8), pam_mkhomedir(8), pam_limits(8), pam_env(8), pam_xauth(8), pam_make(8)

AUTHOR

pam-config was written by Thorsten Kukuk <kukuk@thkukuk.de>.

openSUSE Logo

Contents