bionic (8) pmvarrun.8.gz

Provided by: libpam-mount_2.16-3ubuntu0.1_amd64 bug

Name

       pmvarrun - updates /var/run/pam_mount/user

Syntax

       pmvarrun -u user [options]

Description

       A  separate  program  is  needed so that /var/run/pam_mount/user may be created with a pam_mount-specific
       security context (otherwise SELinux policy will conflict with gdm, which also creates file in /var/run).

       pmvarrun is flexible and can run in a number of different security setups:

   root-root
       When pmvarrun is invoked as root, /var/run/pam_mount's permission settings can be as  strict  as  needed;
       usually (0755,root,root) is a good pick as it gives users the debug control over their refcount. Refcount
       files are given their respective owners (chowned to the user who logs in).

   user-user
       When invoked as the user who logs in, /var/run/pam_mount needs appropriate permissions to create a  file,
       which means the write bit must be set. It is also highly suggested to set the sticky bit in this case, so
       other users do not tamper with your refcount.

   root-user
       Some programs or login helpers incorrectly call the PAM stack in a way that the login phase  is  done  as
       root  and  the  logout  phase  as  a  normal  user.   Nevertheless,  pmvarrun supports this, and the same
       permissions as in root-root can be used. While the  user  may  not  be  able  to  unlink  his  file  from
       /var/run/pam_mount, it will be truncated to indicate the same state.

Options

       --help, -h
              Display help.

       --user user, -u user
              User to handle, must be a valid username.

       --operation number, -o number
              Increase volume count by number.

       -d     Turn on debugging.

Files

       /var/run/pam_mount/user

Author

       This manpage was originally written by Bastian Kleineidam <calvin@debian.org> for the Debian distribution
       of libpam-mount but may be used by others.

       See /usr/share/doc/packages/libpam-mount/copyright for the list of original authors of pam_mount.