Updated: 2022/Sep/29

Please read Privacy Policy. It's for your privacy.

PAM_GROUP(8)                System Manager's Manual               PAM_GROUP(8)

     pam_group - Group PAM module

     [service-name] module-type control-flag pam_group [arguments]

     The group service module for PAM accepts or rejects users based on their
     membership in a particular file group.

     The following options may be passed to the pam_group module:

     deny           Reverse the meaning of the test, i.e., reject the
                    applicant if and only if he or she is a member of the
                    specified group.  This can be useful to exclude certain
                    groups of users from certain services.

     fail_safe      If the specified group does not exist, or has no members,
                    act as if it does exist and the applicant is a member.

                    Specify the name of the group to check.  The default is

     root_only      Skip this module entirely if the target account is not the
                    superuser account.

     authenticate   The user is asked to authenticate using his own password.

     pam.conf(5), pam(8)

     The pam_group module and this manual page were developed for the FreeBSD
     Project by ThinkSec AS and NAI Labs, the Security Research Division of
     Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
     ("CBOSS"), as part of the DARPA CHATS research program.

NetBSD 9.99                    February 1, 2005                    NetBSD 9.99