HP-UX Reference (11i v2 07/12) - 5 Miscellaneous (vol 9)
p
pam_hpsec(5) pam_hpsec(5)
Password Management Component
This component unconditionally succeeds.
Session Management Component
This component implements many miscellaneous restrictions such as
NOLOGIN,
NUMBER_OF_LOGINS_ALLOWED
, and
UMASK documented in security(4). If the TrustedMigration pro-
duct is installed, this component also implements the
DISPLAY_LAST_LOGIN
feature described in secu-
rity(4). In addition to the options listed in the Options section, the following options may also be passed to
the module for session management.
bypass_nologin
With this option, pam_hpsec ignores the NOLOGIN setting.
bypass_limit_login
With this option, pam_hpsec ignores the NUMBER_OF_LOGINS_ALLOWED
setting.
bypass_umask With this option, pam_hpsec ignores the UMASK
setting.
bypass_last_login
With this option, pam_hpsec ignores the DISPLAY_LAST_LOGIN
setting.
This option requires that the TrustedMigration product is installed.
bypass_all With this option, pam_hpsec ignores the restrictions or features that this
module would otherwise enforce.
EXAMPLES
The following is an example of stacking using the pam_hpsec module:
login session required pam_hpsec.so.1
login session sufficient pam_unix.so.1
login session sufficient pam_ldap.so.1
login session sufficient pam_krb5.so.1
The above rules state that the login’s session management requires at least any one of UNIX, LDAP, and
Kerberos PAM modules in addition to hpsec.
AUTHOR
pam_hpsec was developed by HP.
SEE ALSO
pam(3), pam_acct_mgmt(3), pam_authenticate(3), pam_open_session(3), pam_setcred(3), pam.conf(4), secu-
rity(4), userdb(4).
300 Hewlett-Packard Company − 2 − HP-UX 11i Version 2: December 2007 Update