PAM Lockout Module restricts user or group access to the system through a PAM module.
When working with this module, I found that the arguments should always take the form of 'user=' or 'group=', and should NOT contain any spaces. To ensure that the locked-out users do not access other PAM modules, I placed the module at the head of the stack.
Furthermore, in order for group or user lockout to work, the module requires the use of the getpwnam(3) or getgrnam(3) functions. User comparisons are done by using the pw_uid field in the passwd structure. Therefore, any user with an ID of zero, as per the sample usage mentioned earlier, will be locked out. Similarly, group comparisons utilize string comparisons of the inbound user and the names returned by getgrnam(3).
Overall, the PAM Lockout Module is an effective tool for limiting access to your machine. It is easy to use and provides excellent control over who can access your system.
Version 0.1: N/A