GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  PAM_REGEX (8)

NAME

pam_regex - authentication using regular expressions

CONTENTS

Synopsis
Description
Options
Module Types Provided
Return Values
Examples
Note
Authors
Copyright

SYNOPSIS

pam_regex [sense=SENSE]
[user=NAME]
[regex=EXPRESSION]
[basic|extended] [case|ignore-case|icase]
[transform=S-EXPR]
[debug[=NUMBER]]
[waitdebug]
[audit]

DESCRIPTION

A general-purpose tool for authentication using regular expressions. It can be used to control access depending on whether the user name matches a given regular expression or to modify user name as per a sed-like expression, so that subsequent modules see the modified name.

OPTIONS

regex=EXPRESSION
  Compare user name with EXPRESSION. By default the argument is treated as an extended regular expression with case-sensitive matching.

When this option is used, pam_regex allows only login attempts with user names that match the given expression. See the sensed option to revert that behavior.

sense=allow|deny
  What to do if the user name matches the expression given by the regex option. The value allow (the default) instructs the module to return PAM_SUCCESS, the deny instructs it to return PAM_AUTH_ERR.
transform=S-EXPR
  Transform the user name using a sed-like expression. The argument should have the following form: s/regexp/repl/[flags]

See sed(1), for a detailed description. Supported flags are: g, to apply the replacement to all matches, not just the first, i, to use case-insensitive matching, and x, which indicates that regexp is an extended POSIX regular expression. A decimal number in the flags field indicates the ordinal number of the match to be replaced. Using it together with g results in undefined behavior.

Any delimiter can be used in lieue of the slash, the only requirement being that it be used consistently throughout the expression.

basic Use basic regular expressions.
case Use case-sensitive regular expressions (default).
extended
  Use extended regular expressions (default).
ignore-case or icase
  Use case-insensitive regular expressions.
user=NAME
  Upon successful matching, set PAM user name to STRING.
debug[=NUMBER]
  Set debugging level (0 <= NUMBER <= 100).
audit Log full debugging information (equivalent to debug=100).
waitdebug=N
  Wait for N seconds before starting up. This option is intended to facilitate attaching to the module with gdb(1). It is available only if the package was configured with the --enable-debug option.

MODULE TYPES PROVIDED

auth

RETURN VALUES

PAM_SUCCESS
  Successful return.
PAM_AUTH_ERR
  Authentication failed.
PAM_AUTHINFO_UNAVAIL
  The input information is not sufficient.

EXAMPLES

0step]. Deny access to users with login name containig the @ sign.
auth required pam_regex.so sense=deny regex=.*@.*
0[step]. Convert the user name to lower case and remove anything starting from the @ character:
auth required pam_regex.so extended transform=s/.*/\L&/g;s/@.*//

NOTE

This manpage is a short description of pam_regex. For a detailed discussion, including examples and usage recommendations, refer to the PAM-modules Manual available in texinfo format. If the info reader and the tar documentation are properly installed on your system, the command

info pam-modules

should give you access to the complete manual.

You can also view the manual using the info mode in emacs(1), or find it in various formats online at

http://www.gnu.org.ua/software/pam-modules/manual

If any discrepancies occur between this manpage and the PAM-modules Manual, the later shall be considered the authoritative source.

SEE ALSO

pam.conf(5), pam.d(5), pam(8), regex(7), sed(1).

AUTHORS

Sergey Poznyakoff <gray@gnu.org>

BUG REPORTS

Report bugs to <bug-pam-modules@gnu.org.ua>.

COPYRIGHT

Copyright © 2001-2014 Sergey Poznyakoff
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.

Search for    or go to Top of page |  Section 8 |  Main Index


PAM-MODULES PAM_REGEX (8) March 28, 2014

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.