The SecureTTY account management component (
pam_sm_acct_mgmt()), returns failure if the user is attempting to authenticate as superuser, and the process is attached to an insecure TTY. In all other cases, the module returns success.
A TTY is considered secure if it is listed in
/etc/ttys and has the
TTY_SECURE flag set.
The following options may be passed to the authentication module:
debug
syslog(3) debugging information at
LOG_DEBUG level.
no_warn
suppress warning messages to the user. These messages include reasons why the user's authentication attempt was declined.