NAME
pam_guest —
Guest PAM module
SYNOPSIS
[
service-name]
module-type control-flag
pam_guest
[
arguments]
DESCRIPTION
The guest service module for PAM allows guest logins. If successful, the
pam_guest module sets the PAM environment variable
GUEST
to the login name. The application can check
this variable using
pam_getenv(3) to
differentiate guest logins from normal logins.
The following options may be passed to the
pam_guest module:
-
-
- guests=list
- Comma-separated list of guest account names. The default is
“
guest
”. A typical value for
ftpd(8) would be
“anonymous,ftp
”.
-
-
- nopass
- Omits the password prompt if the target account is on the
list of guest accounts.
-
-
- pass_as_ruser
- The password typed in by the user is exported as the
PAM_RUSER
item. This is useful for applications
like ftpd(8) where guest users
are encouraged to use their email address as password.
-
-
- pass_is_user
- Requires the guest user to type in the guest account name
as password.
SEE ALSO
pam_get_item(3),
pam_getenv(3),
pam.conf(5),
pam(8)
AUTHORS
The
pam_guest module and this manual page were developed for
the
FreeBSD Project by ThinkSec AS and NAI Labs, the
Security Research Division of Network Associates, Inc. under DARPA/SPAWAR
contract N66001-01-C-8035 (“CBOSS”), as part of the DARPA CHATS
research program.