NAME
pam_deny —
Deny PAM module
SYNOPSIS
[
service-name]
module-type control-flag
pam_deny
[
options]
DESCRIPTION
The deny authentication service module for PAM provides functionality for all
the PAM categories: authentication, account management, session management and
password management. In terms of the
module-type
parameter, these are the “
auth
”,
“
account
”,
“
session
”, and
“
password
” features.
The Deny module will universally deny all requests. It is primarily of use
during testing, and to “null-out” unwanted functionality.
The following options may be passed to the module:
-
-
- debug
- syslog(3)
debugging information at
LOG_DEBUG
level.
-
-
- no_warn
- suppress warning messages to the user. These messages
include reasons why the user's authentication attempt was declined.
-
-
- prelim_ignore
- for password management
(“
password
” feature), return
PAM_IGNORE
in the preliminary phase. This allows
the module to be used (with the
“required
” flag) at the end of a chain
of “sufficient
” modules with this
service (where the entire chain is in fact run twice).
SEE ALSO
syslog(3),
pam.conf(5),
pam(8)