Provided by: libpam-snapper_0.10.2-1_amd64 bug


       pam_snapper - PAM module which creates filesystem snapshots via "snapper"

SYNOPSIS [debug] [homeprefix=prefix] [ignoreservices=services] [ignoreusers=users]
                      [rootasroot] [ignoreroot] [openonly] [closeonly] [cleanup=algorithm]


       Create a snapshot at every login of a user, thus they always have a save starting point.

       As many users do not logout for some time, it is a good idea to enable snapper's time
       based snapshots in addition.


           Switch on debugging in the module.

           Prefix for the name of the snapper configuration. The username will be appended to
           this prefix.

           Default: "home_"

       ignoreservices=comma separated list of services
           Default: "crond"

       ignoreusers=comma separated list of users
           Default: (none)

           Perform a snapshot using the snapper configuration "root" if the user "root" logs in.
           In other words: the homeprefix is not used in this case. As the snapper configuration
           "root" is used for the system (the root filesystem), this means that with every login
           of the user "root" the complete "/" filesystem will be snapshotted. This can be useful
           to help administrators rolling back in case their activity / configuration changes
           have been accidentally wrong.

           "rootasroot" and "ignoreroot" are mutually exclusive.

           No snapshot is taken, if the user "root" opens/closes a session.

           "rootasroot" and "ignoreroot" are mutually exclusive.

           Only create a single snapshot when opening the PAM session.

           Default: create pre- and post-snapshots

           Only create a single snapshot when closing the PAM session.

           Default: create pre- and post-snapshots

           Set snapper cleanup algorithm.

           Default: (none)


       Only the module type "session" is provided.


           pam_snapper will always return PAM_SUCCESS, to not prevent users from login, in case a
           snapshot fails. This may change in the future.


   Basic usage
        1. Create a btrfs subvolume for the new user and a snapper configuration, e.g. using the
           tool /usr/lib/pam_snapper/

        2. Add the following line to /etc/pam.d/common-session:

               session    optional


       snapper(8), pam.conf(5), pam(8), pam_snapper_homeconvert, pam_snapper_pamconfig,
       pam_snapper_useradd, pam_snapper_userdel



       pam-snapper was written by Matthias G. Eckermann <> as part of SUSE Hackweek#9
       in April 2013.

       This module would not have been possible without the work of Arvin Schnell on the snapper
       project. pam-snapper inherits DBUS handling from "snapper_dbus_cli.c" by David Disseldorp.

       The module builds on the Linux PAM stack and its documentation, written by Thorsten Kukuk.


       Copyright (c) 2013 SUSE

       All Rights Reserved.

       This program is free software; you can redistribute it and/or modify it under the terms of
       version 2 of the GNU General Public License as published by the Free Software Foundation.

       This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY
       without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
       See the GNU General Public License for more details.

       You should have received a copy of the GNU General Public License along with this program;
       if not, contact SUSE.

       To contact SUSE about this file by physical or electronic mail, you may find current
       contact information at