pam_login_access
—
login.access PAM module
[service-name] module-type
control-flag pam_login_access
[options]
The login.access service module for PAM provides functionality for only one PAM
category: account management. In terms of the
module-type parameter, this is the
“account
” feature.
The login.access account management component
(pam_sm_acct_mgmt
()), returns success if and only if
the user is allowed to log in on the specified tty (in the case of a local
login) or from the specified remote host (in the case of a remote login),
according to the restrictions listed in
/etc/login.access.
The login.access(5) access
control scheme was designed and implemented by Wietse
Venema.
The pam_login_access
module and this
manual page were developed for the FreeBSD Project
by ThinkSec AS and NAI Labs, the Security Research Division of Network
Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
(“CBOSS”), as part of the DARPA CHATS research program.