man7.org > Linux > man-pages

Linux/UNIX system programming training

pam_rootok(8) — Linux manual page

NAME | SYNOPSIS | DESCRIPTION | OPTIONS | MODULE TYPES PROVIDED | RETURN VALUES | EXAMPLES | SEE ALSO | AUTHOR | COLOPHON 

PAM_ROOTOK(8)               Linux-PAM Manual               PAM_ROOTOK(8)

NAME         top

       pam_rootok - Gain only root access

SYNOPSIS         top

       pam_rootok.so [debug]

DESCRIPTION         top

       pam_rootok is a PAM module that authenticates the user if their
       UID is 0. Applications that are created setuid-root generally
       retain the UID of the user but run with the authority of an
       enhanced effective-UID. It is the real UID that is checked.

OPTIONS         top

       debug
           Print debug information.

MODULE TYPES PROVIDED         top

       The auth, acct and password module types are provided.

RETURN VALUES         top

       PAM_SUCCESS
           The UID is 0.

       PAM_AUTH_ERR
           The UID is not0.

EXAMPLES         top

       In the case of the su(1) application the historical usage is to
       permit the superuser to adopt the identity of a lesser user
       without the use of a password. To obtain this behavior with PAM
       the following pair of lines are needed for the corresponding
       entry in the /etc/pam.d/su configuration file:

           # su authentication. Root is granted access by default.
           auth  sufficient   pam_rootok.so
           auth  required     pam_unix.so

SEE ALSO         top

       su(1), pam.conf(5), pam.d(5), pam(8)

AUTHOR         top

       pam_rootok was written by Andrew G. Morgan, <morgan@kernel.org>.

COLOPHON         top

       This page is part of the linux-pam (Pluggable Authentication
       Modules for Linux) project.  Information about the project can be
       found at ⟨http://www.linux-pam.org/⟩.  If you have a bug report
       for this manual page, see ⟨//www.linux-pam.org/⟩.  This page was
       obtained from the tarball Linux-PAM-1.3.0.tar.bz2 fetched from
       ⟨http://www.linux-pam.org/library/⟩ on 2020-12-18.  If you
       discover any rendering problems in this HTML version of the page,
       or you believe there is a better or more up-to-date source for
       the page, or you have corrections or improvements to the
       information in this COLOPHON (which is not part of the original
       manual page), send a mail to man-pages@man7.org

Linux-PAM Manual               04/01/2016                  PAM_ROOTOK(8)

HTML rendering created 2020-12-21 by Michael Kerrisk, author of The Linux Programming Interface, maintainer of the Linux man-pages project.

For details of in-depth Linux/UNIX system programming training courses that I teach, look here.

Hosting by jambit GmbH.

Cover of TLPI