pam_landlock

a PAM module for limiting users' access to the filesystem

Installation

Run as root:

make install

Then, append

session required pam_landlock.so --allow-privs

to both /etc/pam.d/common-session (for interactive sessions) and /etc/pam.d/common-session-noninteractive (for non-interactive sessions).

For testing purposes, I recommend using optional instead of required to avoid locking yourself out of your own system.

See the documentation in default.conf.

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
.gitignore		.gitignore
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
default.conf		default.conf
example.conf		example.conf
landlock.c		landlock.c
landlock.h		landlock.h
pam_landlock.c		pam_landlock.c
parse.c		parse.c
parse.h		parse.h
prelude.h		prelude.h
vec.c		vec.c
vec.h		vec.h