Skip to content
/ pam_supair Public

A simple PAM module that allows su(1) without a password between configured pairs of users.

License

GPL-3.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sfindeisen/pam_supair

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
pam_supair.c
pam_supair.c
 
 

Repository files navigation

pam_supair

A simple PAM module that allows su(1) without a password between configured pairs of users.

Example

In /etc/pam.d/su :

auth   sufficient   pam_supair.so alice,bob:root,charlie charlie:bob debug

This means that users alice and bob can each do passwordless su to users root and charlie. User charlie can do passwordless su to user bob. The optional debug parameter is present => the operation will be logged by syslog (each time).

In your Bash-like shell you can then type:

alice@localhost$ su - charlie
charlie@localhost$

Voila!

Installation

This requires PAM development C headers to compile. On a Debian-like system they are contained in libpam-dev package (apt-get install libpam-dev).

Then:

make

Now copy the resulting pam_supair.so file into your PAM module directory (/lib/x86_64-linux-gnu/security/ or /usr/lib/x86_64-linux-gnu/security/ or similar) and edit your /etc/pam.d/su as required.

About

A simple PAM module that allows su(1) without a password between configured pairs of users.

Topics

c pam user-management passwordless passwordless-su

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages