Package pam

An extensible library which provides authentication for applications

PAM (Pluggable Authentication Modules) is a system security tool that
allows system administrators to set authentication policy without
having to recompile programs that handle authentication.

File Formats
File Description
access.conf the login access control table file
config-util Common PAM configuration file for configuration utilities
console.apps specify console-accessible privileged applications
console.handlers file specifying handlers of console lock and unlock events
console.perms permissions control file for users at the system console
group.conf configuration file for the pam_group module
limits.conf configuration file for the pam_limits module
namespace.conf the namespace configuration file
pam.conf PAM configuration files
pam_env.conf the environment variables config files
postlogin Common configuration file for PAMified services
sepermit.conf configuration file for the pam_sepermit module
system-auth Common configuration file for PAMified services
time.conf configuration file for the pam_time module
System Administration
Command Description
faillock Tool for displaying and modifying the authentication failure record files
mkhomedir_helper Helper binary that creates home directories
PAM Pluggable Authentication Modules for Linux
pam_access PAM module for logdaemon style login access control
pam_console determine user owning the system console
pam_console_apply set or revoke permissions for users at the system console
pam_cracklib PAM module to check the password against dictionary words
pam_debug PAM module to debug the PAM stack
pam_deny The locking-out PAM module
pam_echo PAM module for printing text messages
pam_env PAM module to set/unset environment variables
pam_exec PAM module which calls an external command
pam_faildelay Change the delay on failure per-application
pam_faillock Module counting authentication failures during a specified interval
pam_filter PAM filter module
pam_ftp PAM module for anonymous access module
pam_group PAM module for group access
pam_issue PAM module to add issue file to user prompt
pam_keyinit Kernel session keyring initialiser module
pam_lastlog PAM module to display date of last login and perform inactive account lock out
pam_limits PAM module to limit resources
pam_listfile deny or allow services based on an arbitrary file
pam_localuser require users to be listed in /etc/passwd
pam_loginuid Record user's login uid to the process attribute
pam_mail Inform about available mail
pam_mkhomedir PAM module to create users home directory
pam_motd Display the motd file
pam_namespace PAM module for configuring namespace for a session
pam_nologin Prevent non-root users from login
pam_permit The promiscuous module
pam_postgresok simple check of real UID and corresponding account name
pam_pwhistory PAM module to remember last passwords
pam_rhosts The rhosts PAM module
pam_rootok Gain only root access
pam_securetty Limit root login to special devices
pam_selinux PAM module to set the default security context
pam_sepermit PAM module to allow/deny login depending on SELinux enforcement state
pam_shells PAM module to check for valid login shell
pam_succeed_if test account characteristics
pam_time PAM module for time control access
pam_timestamp Authenticate using cached successful authentication attempts
pam_timestamp_check Check to see if the default timestamp is valid
pam_tty_audit Enable or disable TTY auditing for specified users
pam_umask PAM module to set the file mode creation mask
pam_unix Module for traditional password authentication
pam_userdb PAM module to authenticate against a db database
pam_warn PAM module which logs all PAM items if called
pam_wheel Only permit root access to members of group wheel
pam_xauth PAM module to forward xauth keys between users
pwhistory_helper Helper binary that transfers password hashes from passwd or shadow to opasswd
unix_chkpwd Helper binary that verifies the password of the current user
unix_update Helper binary that updates the password of a given user