SYNOPSIS
pamtester [-v] [-I item=value] [-E var=value] service user operation [operation ...]DESCRIPTION
Test pluggable authentication module (PAM) facility.service is the PAM service name. user is the name of the user account to operate with the PAM facility. The following operations are supported.
- authenticate
- Authenticate user. A conversation may subsequently take place to prompt user input to retrieve necessary authentication information.
- acct_mgmt
- Perform account management on user. A conversation may subsequently take place to prompt user input for necessary authentication information.
- open_session
- Open a new session for user.
- close_session
- Close the current session for user.
- chauthtok
- Change the authentication token currently assigned to user. Conversation may subsequently take place to prompt user input for necessary authentication information.
Note that some operations may eventually need additional privileges to fulfill the request depending on the service configuration.
Any operation may also be followed by the option flags that are provided between the pair of parenthesis. Flags are all named and combinable or inversible with bitwise operators; "|" (OR), "&" (AND), "^" (XOR) and "~" (NOT) are accepted.
- authenticate(PAM_SILENT | PAM_DISALLOW_NULL_AUTHTOK)
The list of allowed options is shown below:
- -
- PAM_SILENT
- -
- PAM_DISALLOW_NULL_AUTHTOK
- -
- PAM_ESTABLISH_CRED
- -
- PAM_REINITIALIZE_CRED
- -
- PAM_REFRESH_CRED
- -
- PAM_CHANGE_EXPIRED_AUTHTOK
Additional authentication information such as the name of the remote user, the remote host and the tty can be supplied via -I (--item) option.
The following types of information are supported:
- -
- service
- -
- user
- -
- prompt
- -
- tty
- -
- ruser
- -
-
rhost
OPTIONS
- -v, --verbose
- Turn on verbose mode.
- -I item=value, --item item=value
- Provide additional information to authentication module.
- -E var=value, --env var=value
- Set environment variable var to value