PAM_ENV(7) | Linux-PAM Manual | PAM_ENV(7) |
pam_env - PAM module to set/unset environment variables
pam_env.so [debug] [conffile=conf-file] [envfile=env-file] [readenv=0|1] [user_envfile=env-file] [user_readenv=0|1]
The pam_env PAM module allows the (un)setting of environment variables. Supported is the use of previously set environment variables as well as PAM_ITEMs such as PAM_RHOST.
By default rules for (un)setting of variables are taken from the config file /etc/security/pam_env.conf. An alternate file can be specified with the conffile option.
Second a file (/etc/environment by default) with simple KEY=VAL pairs on separate lines will be read. With the envfile option an alternate file can be specified. And with the readenv option this can be completely disabled.
Third it will read a user configuration file ($HOME/.pam_environment by default). The default file can be changed with the user_envfile option and it can be turned on and off with the user_readenv option.
Since setting of PAM environment variables can have side effects to other modules, this module should be the last one on the stack.
conffile=/path/to/pam_env.conf
debug
envfile=/path/to/environment
readenv=0|1
user_envfile=filename
user_readenv=0|1
Due to problematic security this functionality is deprecated since the 1.5.0 version and will be removed completely at some point in the future.
The auth and session module types are provided.
PAM_ABORT
PAM_BUF_ERR
PAM_IGNORE
PAM_SUCCESS
/etc/security/pam_env.conf
/etc/environment
$HOME/.pam_environment
pam_env was written by Dave Kinchlea <kinch@kinch.ark.com>.
09/03/2021 | Linux-PAM Manual |