illumos: manual page: pam_unix

PAM_UNIX_ACCOUNT(7) Standards, Environments, and Macros PAM_UNIX_ACCOUNT(7)

NAME

pam_unix_account - PAM account management module for UNIX

SYNOPSIS

pam_unix_account.so.1

DESCRIPTION

The pam_unix_account module implements pam_sm_acct_mgmt(3PAM), which
provides functionality to the PAM account management stack. The module
provides functions to validate that the user's account is not locked or
expired and that the user's password does not need to be changed. The
module retrieves account information from the configured databases in
nsswitch.conf(5).

The following options can be passed to the module:

debug
syslog(3C) debugging information at the LOG_DEBUG level

nowarn
Turn off warning messages

server_policy
If the account authority for the user, as specified by
PAM_USER, is a server, do not apply the Unix policy from
the passwd entry in the name service switch.

ERRORS

The following values are returned:

PAM_ACCT_EXPIRED
User account has expired

PAM_AUTHTOK_EXPIRED
Password expired and no longer usable

PAM_BUF_ERR
Memory buffer error

PAM_IGNORE
Ignore module, not participating in result

PAM_NEW_AUTHTOK_REQD
Obtain new authentication token from the user

PAM_PERM_DENIED
The account is locked or has been inactive for
too long

PAM_SERVICE_ERR
Error in underlying service module

PAM_SUCCESS
The account is valid for use at this time

PAM_USER_UNKNOWN
No account is present for the user

ATTRIBUTES

NOTES