| PAM_GROUP(8) | System Manager's Manual | PAM_GROUP(8) | 
NAME
 pam_group — Group PAM module
SYNOPSIS
 [service-name] module-type control-flag pam_group [arguments]
DESCRIPTION
 The group service module for PAM accepts or rejects users based on their membership in a particular file group.
The following options may be passed to the pam_group module:
- 
deny
- 
Reverse the meaning of the test, i.e., reject the applicant if and only if he or she is a member of the specified group. This can be useful to exclude certain groups of users from certain services.
- 
fail_safe
- 
If the specified group does not exist, or has no members, act as if it does exist and the applicant is a member.
- 
group=groupname
- 
Specify the name of the group to check. The default is “wheel”.
- 
root_only
- 
Skip this module entirely if the target account is not the superuser account.
- 
authenticate
- 
The user is asked to authenticate using his own password.
 
AUTHORS
 The pam_group module and this manual page were developed for the FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (“CBOSS”), as part of the DARPA CHATS research program.