4bbdfe4e6e
up to par with the Linux pam_access(8). Like the Linux pam_access(8) our pam_login_access(8) is a service module for pam(3) that allows a administrator to limit access from specified remote hosts or terminals. Unlike the Linux pam_access, pam_login_access is missing some features which are added by this commit: Access file can now be specified. The default remains /etc/access.conf. The syntax is consistent with Linux pam_access. By default usernames are matched. If the username fails to match a match against a group name is attempted. The new nodefgroup module option will only match a username and no attempt to match a group name is made. Group names must be specified in brackets, "()" when nodefgroup is specified. Otherwise the old backward compatible behavior is used. This is consistent with Linux pam_access. A new field separator module option allows the replacement of the default colon (:) with any other character. This facilitates potential future specification of X displays. This is also consistent with Linux pam_access. A new list separator module option to replace the default space/comma/tab with another character. This too is consistent with Linux pam_access. Linux pam_access options not implemented in this commit are the debug and audit options. These will be implemented at a later date. Reviewed by: bjk, bcr (for manpages) Approved by: des (blanket, implicit) MFC after: 1 month Differential Revision: https://reviews.freebsd.org/D23198 |
||
---|---|---|
.. | ||
libpam | ||
modules | ||
pam.d | ||
static_libpam | ||
Makefile | ||
Makefile.inc |