Pam_motd(8) man page synopsis

What does the pam_motd(8) man page synopsis mean? What is

"[SYNOPSIS] [motd=/path/filename] [motd_dir=/path/dirname.d]"

The synopsis section in the pam_motd man page is a brief abstract showing how to use pam_motd in the PAM configuration. is an optional shared library adding functionality to the PAM software:

       pam_motd is a PAM module that can be used to display arbitrary motd (message of the day) files after a
       successful login. By default the /etc/motd file and all files from /etc/motd.d are shown. The message size is
       limited to 64KB.

In the case of Rocky Linux, it is configured in /etc/pam.d/sshd:

session    optional

It means that the pam_motd module will be used when doing a login with SSH.

Other Linux distributions might have other PAM versions and different configurations.

The is a module for PAM (Pluggable Authentication Modules for Linux, see man pam).

On my AlmaLinux 9 it is used for ssh sessions:

$ grep -r motd /etc/pam.d
/etc/pam.d/sshd:session    optional

As you see, that default config has only the without the options.

The man pam_motd says:

When no options are given, the default behavior applies for both options. Specifying either option (or both) will disable the default behavior for both options.

That is, if you want custom ‘motd’ or ‘motd_dir’ AND want to use the default other, then you have to set both explicitly.

As said elsewhere, pam_motd of CentOS 7 does not support ‘motd_dir’ and CentOS 7 does not have /etc/pamd.d.

Right, so the synopsis only shows how to configure motd in pam’s configure files? I’m used to man page’s synopsis showing how to use the command command. is not a command as far as I know?

By default, why does Rocky Linux (9?) /etc/pam.d/ contain motd configuration only for sshd? As I remember, motd is also used by default for other logins (e.g. TTY)?

I don’t think that pam_motd was used at all in RHEL before RHEL 8
In RHEL 8 and 9 it is only on for sshd, probably because cockpit adds this message:

Activate the web console with: systemctl enable --now cockpit.socket

The cockpit is mostly for remote management, so it makes sense to advertise it for remote users.

Indeed, PAM modules are not commands. There are many manual pages that are not about executable commands. For example, man pam and man 3 exit.

I know that, but I wasn’t sure if the synopsis section is used in non-commands. Example your example man pam not include synopsis section. Anyway, thanks for the information :slight_smile: Now I don’t get confused that the synopsis only has instructions for filling out the configuration file, or something else sometimes.