NAME

       pam_tmpdir - PAM module for creating a secure directory for users' temporary files

SYNOPSIS

       pam_tmpdir.so

DESCRIPTION

       This  module  can  be  plugged  into  the  session  stack  of a given service to provide secure, per-user
       directories for temporary files.

OPTIONS

       The directory in which the users' temporary directories  are  created  can  be  set  using  an  entry  in
       /etc/security/tmpdir.conf:

       tmpdir=/path/to/tmpdir

       The default is /tmp/user.

MODULE TYPES PROVIDED

       Although  this  is  intended to be used with the session module type, it also provides account, auth, and
       password module types.

RETURN VALUES

       PAM_SUCCESS
              The temporary directory was successfully created.

       PAM_ABORT
              An error occurred when attempting to create the temporary directory.

       PAM_SERVICE_ERR
              An internal error occurred.

EXAMPLES

       To allow users to login even if pam_tmpdir fails to create a safe tmpdir:

              session    optional     pam_tmpdir.so

       To deny login if an error occurs while setting up the safe tmpdir:

              session    required     pam_tmpdir.so

       NOTE: This could allow for a DoS attack if a malicious user creates /tmp/user before pam_tmpdir does.

SEE ALSO

       pam-tmpdir-helper(8)

AUTHOR

       Tollef Fog Heen <tfheen@err.no>

COPYRIGHT

       Copyright © 2002-2012 Tollef Fog Heen <tfheen@err.no>.

       This is free software; see the source for copying conditions.

       There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

                                                                                                   PAM_TMPDIR(8)