logindevperm(5)
NAME
/etc/logindevperm - configuration file for pam_devperm.so
DESCRIPTION
/etc/logindevperm is an ASCII file which contains the rules for
pam_devperm.
There is one entry per line. Comments start with a # and extend to the
end of the line. Blank lines or lines with only a comment are ignored.
All other lines consist of three fields delimited by whitespace:
- login device
- If a user signs onto the system on this device, the rule will be evaluated.
- octal permission number
- The octal permission number to which the access rights of devices should be changed.
- list of devices
- A ":"-delimited list of devices, which should be owned by the user who signs onto the sytem.
- All device names are absolute paths. A path that ends in "/*" refers to all directory entries except "." and "..". The login device could be also the xdm display (like :0) or a "*" matching all devices.
- If the tty the user does login matches a login device name, the permissions of the devices in the ":"-delimited list are set as specified in the second field, and their ownership is changed to that of the uid of the user.
- All rules are tried one by one. Every match is evaluated.
EXAMPLE
# Give access to the CD-ROM and floppy devices.
# users in the correct group should be also able
# to write to the floppy. user needs to login with xdm/kdm
:0 0600 /dev/cdrom:/dev/cdrom1:/dev/cdrom2
:0 0660 /dev/fd0:/dev/fd1
FILES
/etc/logindevperm