Contained WithinFind More DocumentationFeatured Support Resources |  PDF로 이 문서 다운로드 (2143 KB)
pam_tsol_account(5)Name | Synopsis | Description | Options | Return Values | Attributes | See Also | Notes Name
Synopsis/usr/lib/security/pam_tsol_account.so.1 DescriptionThe Solaris Trusted Extensions service module for PAM, /usr/lib/security/pam_tsol_account.so.1, checks account limitations that are related to labels. The pam_tsol_account.so.1 module is a shared object that can be dynamically loaded to provide the necessary functionality upon demand. Its path is specified in the PAM configuration file. pam_tsol_account.so.1 contains a function to perform account management, pam_sm_acct_mgmt(). The function checks for the allowed label range for the user. The allowable label range is set by the defaults in the label_encodings(4) file. These defaults can be overridden by entries in the user_attr(4) database. By default, this module requires that remote hosts connecting to the global zone must have a CIPSO host type. To disable this policy, add the allow_unlabeled keyword as an option to the entry in pam.conf(4), as in:
Options
The following options can be passed to the module: Return Values
The following values are returned: AttributesSee attributes(5) for description of the following attributes:
The interfaces in libpam(3LIB) are MT-Safe only if each thread within the multi-threaded application uses its own PAM handle. See Alsokeylogin(1), libpam(3LIB), pam(3PAM), pam_sm_acct_mgmt(3PAM), pam_start(3PAM), syslog(3C), label_encodings(4), pam.conf(4), user_attr(4), attributes(5) Chapter 17, Using PAM, in System Administration Guide: Security Services NotesThe functionality described on this manual page is available only if the system is configured with Trusted Extensions. Name | Synopsis | Description | Options | Return Values | Attributes | See Also | Notes |
|||||||
|