Novell LINUX ENTERPRISE DESKTOP 11 - SECURITY GUIDE 17-03-2009 Manual page 35

2.3.1 pam_env.conf
This file can be used to define a standardized environment for users that is set whenever
the pam_env module is called. With it, preset environment variables using the following
syntax:
VARIABLE [DEFAULT=[value]]
VARIABLE
Name of the environment variable to set.
[DEFAULT=[value]]
Default value the administrator wants set.
[OVERRIDE=[value]]
Values that may be queried and set by pam_env, overriding the default value.
A typical example of how pam_env can be used is the adaptation of the DISPLAY
variable, which is changed whenever a remote login takes place. This is shown in
ample 2.6, "pam_env.conf"
Example 2.6 pam_env.conf
REMOTEHOST DEFAULT=localhost OVERRIDE=@{PAM_RHOST}
DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY}
The first line sets the value of the REMOTEHOST variable to localhost, which is
used whenever pam_env cannot determine any other value. The DISPLAY variable
in turn contains the value of REMOTEHOST. Find more information in the comments
in the file /etc/security/pam_env.conf.
2.3.2 pam_mount.conf
The purpose of pam_mount is to mount user home directories during the login process,
and to unmount them during logout in an environment where a central file server keeps
all the home directories of users. With this method, it is not necessary to mount a
complete /home directory where all user home directories would be accessible. Instead,
only the home directory of the respective user is mounted.
[OVERRIDE=[value]]
(page 23).
Ex-
Authentication with PAM 23