PAM_LOCALUSER(8) Linux-PAM Manual PAM_LOCALUSER(8)
pam_localuser - require users to be listed in /etc/passwd
pam_localuser.so [debug] [file=/path/passwd]
pam_localuser is a PAM module to help implementing site-wide login
policies, where they typically include a subset of the network's users
and a few accounts that are local to a particular workstation. Using
pam_localuser and pam_wheel or pam_listfile is an effective way to
restrict access to either local users and/or a subset of the network's
This could also be implemented using pam_listfile.so and a very short
awk script invoked by cron, but it's common enough to have been
Print debug information.
Use a file other than /etc/passwd.
MODULE TYPES PROVIDED
All module types (account, auth, password and session) are provided.
The new localuser was set successfully.
No username was given.
User not known.
Add the following line to /etc/pam.d/su to allow only local users in
group wheel to use su.
account sufficient pam_localuser.so
account required pam_wheel.so
Local user account information.
pam.conf(5), pam.d(5), pam(7)
pam_localuser was written by Nalin Dahyabhai <firstname.lastname@example.org>.
Linux-PAM Manual 09/19/2013 PAM_LOCALUSER(8)
Man Pages Copyright Respective Owners. Site Copyright (C) 1994 - 2022
All Rights Reserved.