6.3. pam_debug - debug the PAM stack
pam_debug.so [ auth=value ] [ cred=value ] [ acct=value ] [ prechauthtok=value ] [ chauthtok=value ] [ auth=value ] [ open_session=value ] [ close_session=value ]
The pam_debug PAM module is intended as a debugging aide for determining how the PAM stack is operating. This module returns what its module arguments tell it to return.
-
auth=value -
The pam_sm_authenticate(3) function will return
value. -
cred=value -
The pam_sm_setcred(3) function will return
value. -
acct=value -
The pam_sm_acct_mgmt(3) function will return
value. -
prechauthtok=value -
The pam_sm_chauthtok(3) function will return
valueif the PAM_PRELIM_CHECK flag is set. -
chauthtok=value -
The pam_sm_chauthtok(3) function will return
valueif the PAM_PRELIM_CHECK flag is not set. -
open_session=value -
The pam_sm_open_session(3) function will return
value. -
close_session=value -
The pam_sm_close_session(3) function will return
value.
Where value can be one of: success, open_err, symbol_err, service_err, system_err, buf_err, perm_denied, auth_err, cred_insufficient, authinfo_unavail, user_unknown, maxtries, new_authtok_reqd, acct_expired, session_err, cred_unavail, cred_expired, cred_err, no_module_data, conv_err, authtok_err, authtok_recover_err, authtok_lock_busy, authtok_disable_aging, try_again, ignore, abort, authtok_expired, module_unknown, bad_item, conv_again, incomplete.
- PAM_SUCCESS
-
Default return code if no other value was specified, else specified return value.
auth requisite pam_permit.so
auth [success=2 default=ok] pam_debug.so auth=perm_denied cred=success
auth [default=reset] pam_debug.so auth=success cred=perm_denied
auth [success=done default=die] pam_debug.so
auth optional pam_debug.so auth=perm_denied cred=perm_denied
auth sufficient pam_debug.so auth=success cred=success