Application Access; Additional Resources; Installed Documentation - Red Hat ENTERPRISE LINUX 4.5.0 Reference Manual

Chapter 16. Pluggable Authent...
Doing this prevents remote users from gaining access to devices and restricted
applications on the machine.
If the gdm, kdm, or xdm display manager configuration file has been altered to
allow remote users to log in and the host is configured to run at any multiple user
runlevel other than 5, it is advisable to remove the
and change the
<console>=tty[0-9][0-9]* vc/[0-9][0-9]*

7.2. Application Access

The console user is also allowed access to certain programs with a file bearing the command
name in the
/etc/security/console.apps/
One notable group of applications the console user has access to are three programs which
shut off or reboot the system. These are:
•
/sbin/halt
•
/sbin/reboot
•
/sbin/poweroff
Because these are PAM-aware applications, they call the
requirement for use.
For more information, refer to the

8. Additional Resources

The following resources further explain methods to use and configure PAM. In addition to these
resources, read the PAM configuration files on the system to better understand how they are
structured.

8.1. Installed Documentation

• PAM related man pages — There are a number of man pages for the various applications
and configuration files involved with PAM. The following is a list of some of the more
important man pages.
Configuration Files
306
directive to the following value:
<console>
directory.
Section 8.1, "Installed
<xconsole>
module as a
pam_console.so
Documentation".
directive entirely