PAM_SELF(8)		  BSD System Manager's Manual		   PAM_SELF(8)

NAME
     pam_self — Self PAM module

SYNOPSIS
     [service-name] module-type control-flag pam_self [options]

DESCRIPTION
     The Self authentication service module for PAM, pam_self provides func‐
     tionality for only one PAM category: authentication.  In terms of the
     module-type parameter, this is the “auth” feature.

   Self Authentication Module
     The Self authentication component (pam_sm_authenticate()), returns suc‐
     cess if and only if the target user's user ID is identical with the cur‐
     rent real user ID.  If the current real user ID is zero, authentication
     will fail, unless the allow_root option was specified.

     The following options may be passed to the authentication module:

     debug	 syslog(3) debugging information at LOG_DEBUG level.

     no_warn	 suppress warning messages to the user.  These messages
		 include reasons why the user's authentication attempt was
		 declined.

     allow_root  do not automatically fail if the current real user ID is 0.

SEE ALSO
     getuid(2), pam.conf(5), pam(8)

AUTHORS
     The pam_self module and this manual page were developed for the FreeBSD
     Project by ThinkSec AS and NAI Labs, the Security Research Division of
     Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
     (“CBOSS”), as part of the DARPA CHATS research program.

BSD			       December 5, 2001 			   BSD