pam_projects - account management PAM module for projects




     The     projects      service      module      for      PAM,
     /usr/lib/security/,  provides functionality
     for the account management PAM module. The
     module  is a shared object that can be dynamically loaded to
     provide the necessary functionality upon demand. Its path is
     specified in the PAM configuration file. is designed to be stacked on  top  of  the  module  for all services. This module
     is normally configured as "required", implying that any user
     lacking a default project will be denied login.

  Projects Account Management Module
     The project account management component provides a function
     to  perform  account  management,  pam_sm_acct_mgmt().  This
     function   uses   the   getdefaultproj()    function    (see
     getprojent(3PROJECT)) to retrieve the user's default project
     entry from the project(4) database. It then sets the project
     ID  attribute of the calling process, using the settaskid(2)
     system call.

     If the user does not belong to any project  defined  in  the
     project(4)  database,  or  if  the  settaskid()  system call
     failed to set the project ID attribute of the  calling  pro-
     cess,  the  module  will  display  an error message and will
     return error code PAM_PERM_DENIED.


     See attributes(5) for description of  the  following  attri-

    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    | MT-Level                    | MT-Safe with exceptions     |


     settaskid(2), getprojent(3PROJECT), libpam(3LIB), pam(3PAM),
     pam_acct_mgmt(3PAM), pam.conf(4), project(4), attributes(5)

     ,         pam_authtok_check(5),          pam_authtok_get(5),
     pam_authtok_store(5),   pam_dhkeys(5),   pam_passwd_auth(5),
     pam_unix(5),     pam_unix_account(5),      pam_unix_auth(5),


     The interfaces in libpam(3LIB)  are  MT-Safe  only  if  each
     thread  within  the  multi-threaded application uses its own
     PAM handle.

     The pam_unix(5) module might not be supported  in  a  future
     release.    Similar    functionality    is    provided    by
     pam_authtok_check(5),                    pam_authtok_get(5),
     pam_authtok_store(5),   pam_dhkeys(5),   pam_passwd_auth(5),
     pam_unix_account(5),          pam_unix_auth(5),          and

Man(1) output converted with man2html