pam_env(8) — Linux manual page


PAM_ENV(8)                    Linux-PAM Manual                    PAM_ENV(8)

NAME         top

       pam_env - PAM module to set/unset environment variables

SYNOPSIS         top [debug] [conffile=conf-file] [envfile=env-file]
                  [readenv=0|1] [user_envfile=env-file] [user_readenv=0|1]

DESCRIPTION         top

       The pam_env PAM module allows the (un)setting of environment
       variables. Supported is the use of previously set environment
       variables as well as PAM_ITEMs such as PAM_RHOST.

       By default rules for (un)setting of variables are taken from the
       config file /etc/security/pam_env.conf. An alternate file can be
       specified with the conffile option.

       Second a file (/etc/environment by default) with simple KEY=VAL pairs
       on separate lines will be read. With the envfile option an alternate
       file can be specified. And with the readenv option this can be
       completly disabled.

       Third it will read a user configuration file ($HOME/.pam_environment
       by default). The default file file can be changed with the
       user_envfile option and it can be turned on and off with the
       user_readenv option.

       Since setting of PAM environment variables can have side effects to
       other modules, this module should be the last one on the stack.

OPTIONS         top

           Indicate an alternative pam_env.conf style configuration file to
           override the default. This can be useful when different services
           need different environments.

           A lot of debug information is printed with syslog(3).

           Indicate an alternative environment file to override the default.
           The syntax are simple KEY=VAL pairs on separate lines. The export
           instruction can be specified for bash compatibility, but will be
           ignored. This can be useful when different services need
           different environments.

           Turns on or off the reading of the file specified by envfile (0
           is off, 1 is on). By default this option is on.

           Indicate an alternative .pam_environment file to override the
           default.The syntax is the same as for /etc/environment. The
           filename is relative to the user home directory. This can be
           useful when different services need different environments.

           Turns on or off the reading of the user specific environment
           file. 0 is off, 1 is on. By default this option is on.


       The auth and session module types are provided.

RETURN VALUES         top

           Not all relevant data or options could be gotten.

           Memory buffer error.

           No pam_env.conf and environment file was found.

           Environment variables were set.

FILES         top

           Default configuration file

           Default environment file

           User specific environment file

SEE ALSO         top

       pam_env.conf(5), pam.d(5), pam(8), environ(7).

AUTHOR         top

       pam_env was written by Dave Kinchlea <>.

COLOPHON         top

       This page is part of the linux-pam (Pluggable Authentication Modules
       for Linux) project.  Information about the project can be found at 
       ⟨⟩.  If you have a bug report for this manual
       page, see ⟨//⟩.  This page was obtained from the
       tarball Linux-PAM-1.3.0.tar.bz2 fetched from
       ⟨⟩ on 2020-11-01.  If you discover
       any rendering problems in this HTML version of the page, or you be‐
       lieve there is a better or more up-to-date source for the page, or
       you have corrections or improvements to the information in this
       COLOPHON (which is not part of the original manual page), send a mail

Linux-PAM Manual                 04/01/2016                       PAM_ENV(8)

Pages that refer to this page: runuser(1)su(1)environment(5)pam_env.conf(5)systemd.exec(5)environ(7)