Linux command
pam_rootok 命令
文本
复制后可按需替换文件名、目录或参数。
常用示例
Allow root without password
auth sufficient pam_rootok.so
Enable debug logging
auth sufficient pam_rootok.so debug
说明
pam_rootok is a PAM authentication module that returns success if the calling user has a UID of 0 (root). It is most commonly used in /etc/pam.d/su to allow the root user to switch identity to any other account without being prompted for a password. It is typically combined with the sufficient control flag, so that root passes immediately and other users continue down the stack to be authenticated normally (e.g. by pam_unix or pam_wheel). The module provides only the auth management group; it has no session, password, or account semantics.
参数
- debug
- Log a message to syslog (auth facility) describing the action taken.
FAQ
What is the pam_rootok command used for?
pam_rootok is a PAM authentication module that returns success if the calling user has a UID of 0 (root). It is most commonly used in /etc/pam.d/su to allow the root user to switch identity to any other account without being prompted for a password. It is typically combined with the sufficient control flag, so that root passes immediately and other users continue down the stack to be authenticated normally (e.g. by pam_unix or pam_wheel). The module provides only the auth management group; it has no session, password, or account semantics.
How do I run a basic pam_rootok example?
Run `auth sufficient pam_rootok.so` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does debug do in pam_rootok?
Log a message to syslog (auth facility) describing the action taken.