Manual Reference Pages - PMVARRUN (8)
pmvarrun - updates /var/run/pam_mount/user
pmvarrun -u user [options]
A separate program is needed so that /var/run/pam_mount/user may be
created with a pam_mount-specific security context (otherwise
SELinux policy will conflict with gdm, which also creates file
pmvarrun is flexible and can run in a number of different security setups:
When pmvarrun is invoked as root, /var/run/pam_mounts permission settings can
be as strict as needed; usually (0755,root,root) is a good pick as it gives
users the debug control over their refcount. Refcount files are given their
respective owners (chowned to the user who logs in).
When invoked as the user who logs in, /var/run/pam_mount needs appropriate
permissions to create a file, which means the write bit must be set. It is also
highly suggested to set the sticky bit in this case, so other users do not
tamper with your refcount.
Some programs or login helpers incorrectly call the PAM stack in a way that the
login phase is done as root and the logout phase as a normal user.
Nevertheless, pmvarrun supports this, and the same permissions as in root-root
can be used. While the user may not be able to unlink his file from
/var/run/pam_mount, it will be truncated to indicate the same state.
--user user, -u user
User to handle, must be a valid username.
--operation number, -o number
Increase volume count by number.
Turn on debugging.
This manpage was originally written by Bastian Kleineidam
<email@example.com> for the Debian distribution of libpam-mount but
may be used by others.
See /usr/share/doc/packages/pam_mount/AUTHORS for the list of original authors
|pam_mount ||PMVARRUN (8) ||2008-10-08 |
Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.