pam_group

Consider group membership.

Syntax:

facility control_flag pam_group.so [deny] [fail_safe] 
    [group=group_name] [luser | ruser] [root_only]

Options:

deny
Reject users who are members of the group.
fail_safe
Treat the user as a member even if the group is empty or does not exist.
group=group_name
Check this group.
luser
Accept target users who belong to the group and reject ones who don't.
root_only
Consider only the user with UID equal to zero.
ruser
Make decisions based on the group membership of the entity seeking to be authenticated.

Description:

Use the pam_group module to take group membership into consideration as part of the authentication.

Note: The PAM module syntax does not stand alone and is contained within the context of the PAM configuration command. See the Security Developer's Guide for more information about system authentication, configuring PAM, facilities, control flags, examples, and how QNX Neutrino uses the OpenPAM framework.

Service category:

This module belongs to the following PAM service categories:

Exit status:

Accepts or rejects the user.

Returns failure if luser and ruser are both specified. They are mutually exclusive options.