pam_dotfileis a PAM module which allows users to have more than one password for a single account, each for a different service.
This is desirable because many users have objections to using the same password for (as an example) an IMAP4 mailbox and SSH access.
The IMAP4 password should be distinct from the SSH password because the user wants to save the former in the configuration of his mail agent, but not the latter. The same applies to POP3 mailboxes, FTP and comparable services.
debug - Be very verbose to syslog(3)
use_first_pass - Don't issue a password prompt, use one supplied by a previous modules
try_first_pass - Nearly the same as use_first_pass, but don't fail if no password was supplied, instead query the user
use_authtok - Synonym for use_first_pass
rootok - Don't deny access for users with uid == 0
nullok - Don't deny access for null passwords
fork - Always fork before trying to open the password files via the helper tool
nofork - Never fork
no_warn - Suppress warnings to syslog(3)
stat_only_home - verifies group/world readability only inside the home directory. e.g. if the configuration file is /home/waldo/.pam/service only /home/waldo/.pam and /home/waldo are tested. This is sometimes necessary if the home directories are symbolic links.
nocompat05 - Disable compatibility with pam_dotfile
· pam_dotfile was developed and tested on Debian GNU/Linux "testing" from July 2003, it should work on most other Linux distributions (and maybe Unix versions) since it uses GNU autoconf and GNU libtool for source code configuration and shared lib
· You need the PAM development headers installed (naturally...)