Rechercher

Ce contenu n'est pas disponible dans la langue sélectionnée.

16.3.2. Control Flag

download PDF
All PAM modules generate a success or failure result when called. Control flags tell PAM what do with the result. Since modules can be stacked in a particular order, control flags decide how important the success or failure of a particular module is to the overall goal of authenticating the user to the service.
There are four predefined control flags:
  • required — The module result must be successful for authentication to continue. If a required module result fails, the user is not notified until results on all modules referencing that interface are completed.
  • requisite — The module result must be successful for authentication to continue. However, if a requisite module result fails, the user is notified immediately with a message reflecting the first failed required or requisite module.
  • sufficient — The module result is ignored if it fails. However, if a sufficient flagged module result is successful and no required flagged modules above it have failed, then no other results are required and the user is authenticated to the service.
  • optional — The module result is ignored. A module flagged as optional only becomes necessary for successful authentication when there are no other modules referencing the interface.

Important

The order in which required modules are called is not critical. The sufficient and requisite control flags cause order to become important.
A newer control flag syntax which allows for more precise control is now available for PAM. Please see the PAM documentation located in the /usr/share/doc/pam-<version-number>/ directory for information on this new syntax (where <version-number> is the version number for PAM).
Red Hat logoGithubRedditYoutubeTwitter

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Nous aidons les utilisateurs de Red Hat à innover et à atteindre leurs objectifs grâce à nos produits et services avec un contenu auquel ils peuvent faire confiance.

Rendre l’open source plus inclusif

Red Hat s'engage à remplacer le langage problématique dans notre code, notre documentation et nos propriétés Web. Pour plus de détails, consultez leBlog Red Hat.

À propos de Red Hat

Nous proposons des solutions renforcées qui facilitent le travail des entreprises sur plusieurs plates-formes et environnements, du centre de données central à la périphérie du réseau.

© 2024 Red Hat, Inc.