Bug 64299 - RFE: pam_nologin option to specify a list of users to let in.
RFE: pam_nologin option to specify a list of users to let in.
Product: Fedora
Classification: Fedora
Component: pam (Show other bugs)
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Tomas Mraz
Aaron Brown
: FutureFeature
Depends On:
  Show dependency treegraph
Reported: 2002-05-01 17:31 EDT by Aleksey Nogin
Modified: 2007-11-30 17:10 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-09-08 13:16:35 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Aleksey Nogin 2002-05-01 17:31:43 EDT
It would be nice if pam_nologin could take an option to change the default
behaviour. In particular, it would be great if one could specify that
pam_nologin should let some particular users in besides (or instead of) root.
Also, it may be a good idea to allow one to specify a file other than
/etc/nologin to watch.

In general, pam_nologin appears to be the only module that can be used to
provide a user with some specific information as to why the access was denied.
Possibly, instead extending nologin (which already provides some very standard
and expected functionality), some other module (may be pam_listfile?, or all of
them through a library extension?) could be extended to support customized
"permission denied" error messages.
Comment 1 Tomas Mraz 2005-09-08 13:16:35 EDT
You can already specify different file than /etc/nologin. (Use the file= option.)

The second request can be easily worked around - use pam_listfile, pam_access or
pam_succeed_if for denying access and pam_nologin only as optional module.

Note You need to log in before you can comment on or make changes to this bug.