| Server IP : 217.18.85.50 / Your IP : 18.220.110.45 Web Server : LiteSpeed System : Linux server50.tr85.dhs.com.tr 3.10.0-962.3.2.lve1.5.85.el7.x86_64 #1 SMP Thu Apr 18 15:18:36 UTC 2024 x86_64 User : ferhatgenc ( ) PHP Version : 7.2.34 Disable Function : restore_ini,mail,openbasedir,f_open,system,dl,array_compare,array_user_key_compare,passthru,cat,exec,popen,proc_close,proc_get_status,proc_nice,proc_open,escapeshellcmd,escapeshellarg,show_source,posix_mkfifo,ini_restore,mysql_list_dbs,getmyuid,pconnect,link,symlink,fin,passthruexec,fileread,shell_exec,pcntl_exec,ini_alter,leak,apache_child_terminate,chown,posix_kill,posix_setpgid,posix_setsid,posix_setuid,proc_terminate,syslog,allow_url_fopen,fpassthru,execute,shell,chgrp,passthru,socket_select,socket_create,socket_create_listen,socket_create_pair,socket_listen,socket_accept,socket_bind,foreach,socket_strerror,pcntl_fork,pcntl_signal,pcntl_waitpid,pcntl_wexitstatus,pcntl_wifexited,pcntl_wifsignaled,pcntl_wifstopped,pcntl_wstopsig,pcntl_wtermsig,openlog,apache_get_version,apache_getenv,apache_note,apache_setenv,virtualal MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF Directory : /etc/security/ |
Upload File : |
# # This is the configuration file for the pam_group module. # # # *** Please note that giving group membership on a session basis is # *** NOT inherently secure. If a user can create an executable that # *** is setgid a group that they are infrequently given membership # *** of, they can basically obtain group membership any time they # *** like. Example: games are allowed between the hours of 6pm and 6am # *** user joe logs in at 7pm writes a small C-program toplay.c that # *** invokes their favorite shell, compiles it and does # *** "chgrp play toplay; chmod g+s toplay". They are basically able # *** to play games any time... You have been warned. AGM # # # The syntax of the lines is as follows: # # services;ttys;users;times;groups # # white space is ignored and lines maybe extended with '\\n' (escaped # newlines). From reading these comments, it is clear that # text following a '#' is ignored to the end of the line. # # the combination of individual users/terminals etc is a logic list # namely individual tokens that are optionally prefixed with '!' (logical # not) and separated with '&' (logical and) and '|' (logical or). # # services # is a logic list of PAM service names that the rule applies to. # # ttys # is a logic list of terminal names that this rule applies to. # # users # is a logic list of users or a netgroup of users to whom this # rule applies. # # NB. For these items the simple wildcard '*' may be used only once. # With netgroups no wildcards or logic operators are allowed. # # times # It is used to indicate "when" these groups are to be given to the # user. The format here is a logic list of day/time-range # entries the days are specified by a sequence of two character # entries, MoTuSa for example is Monday Tuesday and Saturday. Note # that repeated days are unset MoMo = no day, and MoWk = all weekdays # bar Monday. The two character combinations accepted are # # Mo Tu We Th Fr Sa Su Wk Wd Al # # the last two being week-end days and all 7 days of the week # respectively. As a final example, AlFr means all days except Friday. # # Each day/time-range can be prefixed with a '!' to indicate "anything # but" # # The time-range part is two 24-hour times HHMM separated by a hyphen # indicating the start and finish time (if the finish time is smaller # than the start time it is deemed to apply on the following day). # # groups # The (comma or space separated) list of groups that the user # inherits membership of. These groups are added if the previous # fields are satisfied by the user's request # # For a rule to be active, ALL of service+ttys+users must be satisfied # by the applying process. # # # Note, to get this to work as it is currently typed you need # # 1. to run an application as root # 2. add the following groups to the /etc/group file: # floppy, play, sound # # # Here is a simple example: running 'xsh' on tty* (any ttyXXX device), # the user 'us' is given access to the floppy (through membership of # the floppy group) # #xsh;tty*&!ttyp*;us;Al0000-2400;floppy # # another example: running 'xsh' on tty* (any ttyXXX device), # the user 'sword' is given access to games (through membership of # the sound and play group) after work hours. # #xsh; tty* ;sword;!Wk0900-1800;sound, play #xsh; tty* ;*;Al0900-1800;floppy # # yet another example: any member of the group 'admin' running # 'xsh' on tty*, is granted access (at any time) to the group 'plugdev' # #xsh; tty* ;%admin;Al0000-2400;plugdev # # End of group.conf file #