Pam_motd(8) man page synopsis

karpse · October 29, 2022, 9:14pm

What does the pam_motd(8) man page synopsis mean? What is motd_pam.so?

"[SYNOPSIS]

pam_motd.so [motd=/path/filename] [motd_dir=/path/dirname.d]"
https://man.archlinux.org/man/pam_motd.8.en

olista · October 30, 2022, 4:29am

The synopsis section in the pam_motd man page is a brief abstract showing how to use pam_motd in the PAM configuration.

pam_motd.so is an optional shared library adding functionality to the PAM software:

DESCRIPTION
       pam_motd is a PAM module that can be used to display arbitrary motd (message of the day) files after a
       successful login. By default the /etc/motd file and all files from /etc/motd.d are shown. The message size is
       limited to 64KB.

In the case of Rocky Linux, it is configured in /etc/pam.d/sshd:

session    optional     pam_motd.so

It means that the pam_motd module will be used when doing a login with SSH.

Other Linux distributions might have other PAM versions and different configurations.

jlehtone · October 30, 2022, 8:54am

The pam_motd.so is a module for PAM (Pluggable Authentication Modules for Linux, see man pam).

On my AlmaLinux 9 it is used for ssh sessions:

$ grep -r motd /etc/pam.d
/etc/pam.d/sshd:session    optional     pam_motd.so

As you see, that default config has only the pam_motd.so without the options.

The man pam_motd says:

When no options are given, the default behavior applies for both options. Specifying either option (or both) will disable the default behavior for both options.

That is, if you want custom ‘motd’ or ‘motd_dir’ AND want to use the default other, then you have to set both explicitly.

As said elsewhere, pam_motd of CentOS 7 does not support ‘motd_dir’ and CentOS 7 does not have /etc/pamd.d.

karpse · October 30, 2022, 10:20am

Right, so the synopsis only shows how to configure motd in pam’s configure files? I’m used to man page’s synopsis showing how to use the command command. pam_motd.so is not a command as far as I know?

karpse · October 30, 2022, 10:24am

By default, why does Rocky Linux (9?) /etc/pam.d/ contain motd configuration only for sshd? As I remember, motd is also used by default for other logins (e.g. TTY)?

jlehtone · October 30, 2022, 11:30am

I don’t think that pam_motd was used at all in RHEL before RHEL 8
In RHEL 8 and 9 it is only on for sshd, probably because cockpit adds this message:

Activate the web console with: systemctl enable --now cockpit.socket

The cockpit is mostly for remote management, so it makes sense to advertise it for remote users.

Indeed, PAM modules are not commands. There are many manual pages that are not about executable commands. For example, man pam and man 3 exit.

karpse · October 30, 2022, 11:43am

I know that, but I wasn’t sure if the synopsis section is used in non-commands. Example your example man pam not include synopsis section. Anyway, thanks for the information Now I don’t get confused that the synopsis only has instructions for filling out the configuration file, or something else sometimes.

Topic		Replies	Views
How does /etc/motd.d directory works? Rocky Linux General	11	4166	August 25, 2023
Cockpit and insights-client files in /etc/motd/ rise above others on pam_motd message Rocky Linux General	6	979	August 25, 2023
PAM updates for mounting an encrypted user's home at login Rocky Linux General	1	432	August 25, 2023
New error message in logs triggered by connecting to cockpit Rocky Linux General	2	944	August 25, 2023
Decrypt LUKS encrypted /home directory at login Rocky Linux General	1	403	August 25, 2023

Pam_motd(8) man page synopsis

Related Topics