Returns PAM_SUCCESS if the authenticating user has a real user ID (UID) of 0.
The pam_allowroot module checks the real user ID (UID) under which the PAM application was run. If the UID of the authenticating user is 0 (zero), then it is the root user and PAM_SUCCESS is returned.
The pam_allowroot module only checks the real user ID. Many applications that require root access will set the effective user ID to 0. For this reason, the effective ID is not used in determining whether or not the user executing the authenticating application is a root user.
#
# The PAM configuration for standard su behavior.
#
su auth sufficient /usr/lib/security/pam_allowroot
su auth required /usr/lib/security/pam_aix
Supported PAM module types
Options
Item | Description |
---|---|
debug | Log debugging information to syslog. |
nowarn | Do not display warning messages. |
Return Values
Upon successful completion, PAM_SUCCESS is returned. If a failure occurs, a PAM error code will be returned, depending on the actual error.
/usr/lib/security/pam_allowroot