diff options
| author | Lexi Winter <ivy@FreeBSD.org> | 2025-05-23 02:57:38 +0100 |
|---|---|---|
| committer | Lexi Winter <ivy@FreeBSD.org> | 2025-05-23 02:57:38 +0100 |
| commit | cd07ca491d16aa880a2e85694c165e8abea10366 (patch) | |
| tree | ca337a69462b6ba521bd6e50843bdda4cc78fc8c | |
| parent | 231d75a513f98618c136aea38d036dfaf31fa9f8 (diff) | |
pam_userjail: add an example to the manpagelf/dev/usrj
| -rw-r--r-- | lib/libpam/modules/pam_userjail/pam_userjail.8 | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/lib/libpam/modules/pam_userjail/pam_userjail.8 b/lib/libpam/modules/pam_userjail/pam_userjail.8 index edd268e2767f..647b05b5ba08 100644 --- a/lib/libpam/modules/pam_userjail/pam_userjail.8 +++ b/lib/libpam/modules/pam_userjail/pam_userjail.8 @@ -56,6 +56,24 @@ Allow access to the host's System V IPC namespace. .It Cm userjail.sysvipcnew Create a new System V IPC namespace for the user's jail. .El +.Sh EXAMPLES +To load the +.Nm +module in a PAM service configuration file, such as +.Pa /etc/pam.d/sshd : +.Bd -literal -offset indent +session required pam_userjail.so +.Ed +.Pp +A typical user jail class configured in +.Pa /etc/login.conf +which allows access to the network, +including raw sockets: +.Bd -literal -offset indent +jailed:\\ + :userjail:userjail.net_basic:userjail.net_raw:\\ + :tc=default: +.Ed .Sh SEE ALSO .Xr login.conf 5 , .Xr pam 3 , |