Manual Reference Pages - PAM_GROUP (8)
- Group PAM module
The group service module for PAM accepts or rejects users based on
their membership in a particular file group.
provides functionality for two PAM categories: authentication and
In terms of the module-type parameter, they are the auth and
The following options may be passed to the
Reverse the meaning of the test, i.e., reject the applicant if and only
if he or she is a member of the specified group.
This can be useful to exclude certain groups of users from certain
If the specified group does not exist, or has no members, act as if
it does exist and the applicant is a member.
| group = groupname
Specify the name of the group to check.
The default is
Accept or reject based on the target users group membership.
Skip this module entirely if the target account is not the superuser
Accept or reject based on the supplicants group membership.
This is the default.
Note that the
options are mutually exclusive, and that
will fail if both are specified.
module and this manual page were developed for the
ThinkSec AS and NAI Labs, the Security Research Division of Network
Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
as part of the DARPA CHATS research program.
Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.