GROUP​.CONF - Online Linux Manual PageSection : 5
Updated : 09/03/2021
Source : Linux-PAM Manual
Note : Linux−PAM Manual

NAMEgroup.conf − configuration file for the pam_group module

DESCRIPTIONThe pam_group PAM module does not authenticate the user, but instead it grants group memberships (in the credential setting phase of the authentication module) to the user​. Such memberships are based on the service they are applying for​. For this module to function correctly there must be a correctly formatted /etc/security/group​.conf file present​. White spaces are ignored and lines maybe extended with '\' (escaped newlines)​. Text following a '#' is ignored to the end of the line​. The syntax of the lines is as follows: services;ttys;users;times;groups The first field, the services field, is a logic list of PAM service names that the rule applies to​. The second field, the tty field, is a logic list of terminal names that this rule applies to​. The third field, the users field, is a logic list of users, or a UNIX group, or a netgroup of users to whom this rule applies​. Group names are preceded by a '%' symbol, while netgroup names are preceded by a '@' symbol​. A logic list namely means individual tokens that are optionally prefixed with '!' (logical not) and separated with '&' (logical and) and '|' (logical or)​. For these items the simple wildcard '*' may be used only once​. With UNIX groups or netgroups no wildcards or logic operators are allowed​. The times field is used to indicate "when" these groups are to be given to the user​. The format here is a logic list of day/time−range entries​. The days are specified by a sequence of two character entries, MoTuSa for example is Monday Tuesday and Saturday​. Note that repeated days are unset MoMo = no day, and MoWk = all weekdays bar Monday​. The two character combinations accepted are Mo Tu We Th Fr Sa Su Wk Wd Al, the last two being week−end days and all 7 days of the week respectively​. As a final example, AlFr means all days except Friday​. Each day/time−range can be prefixed with a '!' to indicate "anything but"​. The time−range part is two 24−hour times HHMM, separated by a hyphen, indicating the start and finish time (if the finish time is smaller than the start time it is deemed to apply on the following day)​. The groups field is a comma or space separated list of groups that the user inherits membership of​. These groups are added if the previous fields are satisfied by the user's request​. For a rule to be active, ALL of service+ttys+users must be satisfied by the applying process​.

EXAMPLESThese are some example lines which might be specified in /etc/security/group​.conf​. Running 'xsh' on tty* (any ttyXXX device), the user 'us' is given access to the floppy (through membership of the floppy group) xsh;tty*&!ttyp*;us;Al0000−2400;floppyRunning 'xsh' on tty* (any ttyXXX device), the users 'sword', 'pike' and 'shield' are given access to games (through membership of the floppy group) after work hours​. xsh; tty* ;sword|pike|shield;!Wk0900−1800;games, sound xsh; tty* ;*;Al0900−1800;floppy Any member of the group 'admin' running 'xsh' on tty*, is granted access (at any time) to the group 'plugdev' xsh; tty* ;%admin;Al0000−2400;plugdev

SEE ALSOpam_group(8), pam.d(5), pam(8)

AUTHORpam_group was written by Andrew G​. Morgan <morgan@kernel​.org>​.
0
Johanes Gumabo
Data Size   :   9,649 byte
man-group.conf.5Build   :   2024-12-05, 20:55   :  
Visitor Screen   :   x
Visitor Counter ( page / site )   :   2 / 187,767
Visitor ID   :     :  
Visitor IP   :   3.141.19.115   :  
Visitor Provider   :   AMAZON-02   :  
Provider Position ( lat x lon )   :   39.962500 x -83.006100   :   x
Provider Accuracy Radius ( km )   :   1000   :  
Provider City   :   Columbus   :  
Provider Province   :   Ohio ,   :   ,
Provider Country   :   United States   :  
Provider Continent   :   North America   :  
Visitor Recorder   :   Version   :  
Visitor Recorder   :   Library   :  
Online Linux Manual Page   :   Version   :   Online Linux Manual Page - Fedora.40 - march=x86-64 - mtune=generic - 24.12.05
Online Linux Manual Page   :   Library   :   lib_c - 24.10.03 - march=x86-64 - mtune=generic - Fedora.40
Online Linux Manual Page   :   Library   :   lib_m - 24.10.03 - march=x86-64 - mtune=generic - Fedora.40
Data Base   :   Version   :   Online Linux Manual Page Database - 24.04.13 - march=x86-64 - mtune=generic - fedora-38
Data Base   :   Library   :   lib_c - 23.02.07 - march=x86-64 - mtune=generic - fedora.36

Very long time ago, I have the best tutor, Wenzel Svojanovsky . If someone knows the email address of Wenzel Svojanovsky , please send an email to johanes_gumabo@yahoo.co.id .
If error, please print screen and send to johanes_gumabo@yahoo.co.id
Under development. Support me via PayPal.