Denies all non-root user logins if /etc/nologin or an optionally specified file is present.
The pam_ckfile module allows or denies authentication, based on the existence of a file. The file checked for existence can be set with the file=<filename> module option. If not specified the file defaults to /etc/nologin.
If the specified file exists, only root users (those with a user ID of 0) may authenticate. All other users are denied access for the service, and pam_ckfile will echo the contents (if any) of that file. If the specified file does not exist, the module returns PAM_IGNORE. System administrators should ensure that success or failure of the module stack for a service does not depend solely on the result of this module.
#
# Provide the standard /etc/nologin behavior for login.
#
login auth required /usr/lib/security/pam_ckfile file=/etc/nologin
login auth required /usr/lib/security/pam_aix
Supported PAM module types
Options
Item | Description |
---|---|
debug | Log debugging information to syslog. |
nowarn | Do not display warning messages. |
file=<filename> | Use <filename> instead of /etc/nologin. Note: <filename> must be the full path to
the file.
|
Return Values
Upon successful completion PAM_SUCCESS is returned. If the specified file does not exist the module returns PAM_IGNORE. If another failure occurs, a PAM error code will be returned, depending on the actual error.
/usr/lib/security/pam_ckfile