FreeBSD 7.0 manual page repository

FreeBSD is a free computer operating system based on BSD UNIX originally. Many IT companies, like DeployIS is using it to provide an up-to-date, stable operating system.

pam_opieaccess - OPIEAccess PAM module

 

NAME

      pam_opieaccess - OPIEAccess PAM module
 

SYNOPSIS

      [service-name] module-type control-flag pam_opieaccess [options]
 

DESCRIPTION

      The pam_opieaccess module is used in conjunction with the pam_opie(8) PAM
      module to ascertain that authentication can proceed by other means (such
      as the pam_unix(8) module) even if OPIE authentication failed.  To prop‐
      erly use this module, pam_opie(8) should be marked “sufficient”, and
      pam_opieaccess should be listed right below it and marked “requisite”.
 
      The pam_opieaccess module provides functionality for only one PAM cate‐
      gory: authentication.  In terms of the module-type parameter, this is the
      “auth” feature.  It also provides null functions for the remaining module
      types.
 
    OPIEAccess Authentication Module
      The authentication component (pam_sm_authenticate()), returns PAM_SUCCESS
      in two cases:
 
      1.   The user does not have OPIE enabled.
 
      2.   The user has OPIE enabled, and the remote host is listed as a
           trusted host in /etc/opieaccess, and the user does not have a file
           named opiealways in his home directory.
 
      Otherwise, it returns PAM_AUTH_ERR.
 
      The following options may be passed to the authentication module:
 
      allow_local  Normally, local logins are subjected to the same restric‐
                   tions as remote logins from “localhost”.  This option causes
                   pam_opieaccess to always allow local logins.
 
      debug        syslog(3) debugging information at LOG_DEBUG level.
 
      no_warn      suppress warning messages to the user.  These messages
                   include reasons why the user’s authentication attempt was
                   declined.
 

FILES

      /etc/opieaccess  List of trusted hosts or networks.  See opieaccess(5)
                       for a description of its syntax.
      opie(4), opieaccess(5), pam.conf(5), pam(8), pam_opie(8)
 

AUTHORS

      The pam_opieaccess module and this manual page were developed for the
      FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research Divi‐
      sion of Network Associates, Inc. under DARPA/SPAWAR contract
      N66001-01-C-8035 (“CBOSS”), as part of the DARPA CHATS research program.
 

Sections

Based on BSD UNIX
FreeBSD is an advanced operating system for x86 compatible (including Pentium and Athlon), amd64 compatible (including Opteron, Athlon64, and EM64T), UltraSPARC, IA-64, PC-98 and ARM architectures. It is derived from BSD, the version of UNIX developed at the University of California, Berkeley. It is developed and maintained by a large team of individuals. Additional platforms are in various stages of development.