Section: Linux\-PAM Manual (8)
pam_nologin - Prevent non-root users from login
pam_nologin.so [file=/path/nologin] [successok]
pam_nologin is a PAM module that prevents users from logging into the system when
exists. The contents of the file are displayed to the user. The pam_nologin module has no effect on the root user's ability to log in.
Use this file instead the default
Return PAM_SUCCESS if no file exists, the default is PAM_IGNORE.
MODULE TYPES PROVIDED
module types are provided.
The user is not root and
exists, so the user is not permitted to log in.
Memory buffer error.
This is the default return value.
Success: either the user is root or the nologin file does not exist.
User not known to the underlying authentication module.
The suggested usage for
auth required pam_nologin.so
In order to make this module effective, all login methods should be secured by it. It should be used as a
method listed before any
methods in order to get standard Unix nologin semantics. Note, the use of
module argument causes the module to return
and as such would break such a configuration - failing
modules would lead to a successful login because the nologin module
pam_nologin was written by Michael K. Johnson <email@example.com>.