sepermit.conf(5) — Linux manual page


SEPERMIT.CONF(5)            Linux-PAM Manual            SEPERMIT.CONF(5)

NAME         top

       sepermit.conf - configuration file for the pam_sepermit module

DESCRIPTION         top

       The lines of the configuration file have the following syntax:


       The user can be specified in the following manner:

       •   a username

       •   a groupname, with @group syntax. This should not be confused
           with netgroups.

       •   a SELinux user name with %seuser syntax.

       The recognized options are:

           Only single login session will be allowed for the user and
           the user's processes will be killed on logout.

           The module will never return PAM_SUCCESS status for the user.
           It will return PAM_IGNORE if SELinux is in the enforcing
           mode, and PAM_AUTH_ERR otherwise. It is useful if you want to
           support passwordless guest users and other confined users
           with passwords simultaneously.

       The lines which start with # character are comments and are

EXAMPLES         top

       These are some example lines which might be specified in


SEE ALSO         top

       pam_sepermit(8), pam.d(5), pam(8), selinux(8),

AUTHOR         top

       pam_sepermit and this manual page were written by Tomas Mraz

COLOPHON         top

       This page is part of the linux-pam (Pluggable Authentication
       Modules for Linux) project.  Information about the project can be
       found at ⟨⟩.  If you have a bug report
       for this manual page, see ⟨//⟩.  This page was
       obtained from the project's upstream Git repository
       ⟨⟩ on 2023-12-22.  (At
       that time, the date of the most recent commit that was found in
       the repository was 2023-12-18.)  If you discover any rendering
       problems in this HTML version of the page, or you believe there
       is a better or more up-to-date source for the page, or you have
       corrections or improvements to the information in this COLOPHON
       (which is not part of the original manual page), send a mail to

Linux-PAM Manual               12/22/2023               SEPERMIT.CONF(5)

Pages that refer to this page: pam_sepermit(8)