Standards, Environments, and Macros pam_tsol_account(5)
NAME
pam_tsol_account - PAM account management module for Trusted
Extensions
SYNOPSIS
/usr/lib/security/pam_tsol_account.so.1
DESCRIPTION
The Solaris Trusted Extensions service module for PAM,
/usr/lib/security/pam_tsol_account.so.1, checks account
limitations that are related to labels. The
pam_tsol_account.so.1 module is a shared object that can be
dynamically loaded to provide the necessary functionality upon
demand. Its path is specified in the PAM configuration file.

pam_tsol_account.so.1 contains a function to perform account
management, pam_sm_acct_mgmt(). The function checks for the
allowed label range for the user. The allowable label range
is set by the defaults in the label_encodings(4) file. These
defaults can be overridden by entries in the user_attr(4)
database.

By default, this module requires that remote hosts connecting
to the global zone must have a CIPSO host type. To disable
this policy, add the allow_unlabeled keyword as an option to
the entry in pam.conf(4), as in:

    other account required pam_tsol_account allow_unlabeled

OPTIONS
The following options can be passed to the module:

allow_unlabeled    Allows remote connections from hosts with
                   unlabeled template types.

debug              Provides debugging information at the
                   LOG_DEBUG level. See syslog(3C).
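
The following is an added example, not part of the original manual page or of Solaris: a shell function that reads pam.conf(4)-format text and reports, for each service with a pam_tsol_account account entry, whether allow_unlabeled has disabled the CIPSO host type requirement. The function names, status strings and sample entries are constructed for illustration; the field order (service, module type, control flag, module path, options) is assumed from the entry shown above.

```shell
#!/bin/sh
# Added example: audit pam.conf-format text for pam_tsol_account entries
# that carry the allow_unlabeled option.

audit_tsol_account() {
    # Reads the file named in $1, or standard input when no file is given.
    # Prints one "service<TAB>status" line per matching account entry.
    awk '
        /^[ \t]*#/ || NF < 4 { next }    # skip comments and incomplete entries
        $2 != "account"      { next }    # only the account management stack
        # Match the module by bare name or by full path, with or
        # without the .so.1 suffix.
        $4 !~ /(^|\/)pam_tsol_account(\.so(\.1)?)?$/ { next }
        {
            status = "cipso-required"
            for (i = 5; i <= NF; i++)
                if ($i == "allow_unlabeled")
                    status = "unlabeled-allowed"
            printf "%s\t%s\n", $1, status
        }
    ' "${1:--}"
}

sample_pam_conf() {
    # Constructed sample entries, not taken from a real system.
    cat <<'EOF'
# service  type     flag      module                                   options
login      auth     required  pam_unix_auth.so.1
login      account  required  pam_tsol_account.so.1
other      account  required  pam_tsol_account allow_unlabeled
cron       account  required  /usr/lib/security/pam_tsol_account.so.1 debug allow_unlabeled
#other     account  required  pam_tsol_account allow_unlabeled
EOF
}

# Demonstration run over the constructed sample.
sample_pam_conf | audit_tsol_account
```

On a live system the function would be called with the PAM configuration file as its argument; any service reported as unlabeled-allowed accepts remote hosts with unlabeled template types.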
RETURN VALUES
The following values are returned:

PAM_SUCCESS        The account is valid for use at this time
                   and label.

SunOS 5.11 Last change: 20 Jul 2007

PAM_PERM_DENIED    The current process label is outside the
                   user's label range, or the label
                   information for the process is unavailable,
                   or the remote host type is not valid.

Other values       Returns an error code that is consistent
                   with typical PAM operations. For information
                   on error-related return values, see the
                   pam(3PAM) man page.

ATTRIBUTES
See attributes(5) for description of the following attributes:

____________________________________________________________
| ATTRIBUTE TYPE              | ATTRIBUTE VALUE             |
|_____________________________|_____________________________|
| Interface Stability         | Committed                   |
|_____________________________|_____________________________|
| MT Level                    | MT-Safe with exceptions     |
|_____________________________|_____________________________|
The interfaces in libpam(3LIB) are MT-Safe only if each
thread within the multi-threaded application uses its own
PAM handle.

SEE ALSO
keylogin(1), libpam(3LIB), pam(3PAM), pam_sm_acct_mgmt(3PAM),
pam_start(3PAM), syslog(3C), label_encodings(4), pam.conf(4),
user_attr(4), attributes(5)

Chapter 17, Using PAM, in System Administration Guide:
Security Services

NOTES
The functionality described on this manual page is available
only if the system is configured with Trusted Extensions.