The RootOK authentication component (
pam_sm_authenticate()), always returns success for the superuser; i.e., if
getuid(2) returns 0.
The following options may be passed to the authentication module:
debug
syslog(3) debugging information at
LOG_DEBUG level.
no_warn
suppress warning messages to the user. These messages include reasons why the user's authentication attempt was declined.