pam_snapper - PAM module which creates filesystem snapshots via "snapper"

       pam-snapper was written by Matthias G. Eckermann <mge@suse.com> as part of SUSE Hackweek#9 in April 2013.

       This module would not have been possible without the work of Arvin Schnell on the snapper project.
       pam-snapper inherits DBUS handling from "snapper_dbus_cli.c" by David Disseldorp.

       The module builds on the Linux PAM stack and its documentation, written by Thorsten Kukuk.

       Create a snapshot at every login of a user, thus they always have a save starting point.

       As many users do not logout for some time, it is a good idea to enable snapper's time based snapshots in
       addition.

Basicusage
        1. Create a btrfs subvolume for the new user and a snapper configuration, e.g. using the tool
           /usr/lib/pam_snapper/pam_snapper_useradd.sh.

        2. Add the following line to /etc/pam.d/common-session:

               session    optional    pam_snapper.so

http://snapper.io/

       Copyright (c) 2013 SUSE

       All Rights Reserved.

       This program is free software; you can redistribute it and/or modify it under the terms of version 2 of
       the GNU General Public License as published by the Free Software Foundation.

       This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY without even the
       implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
       License for more details.

       You should have received a copy of the GNU General Public License along with this program; if not,
       contact SUSE.

       To contact SUSE about this file by physical or electronic mail, you may find current contact information
       at www.suse.com.

0.10.6                                             2013-05-23                                     PAM_SNAPPER(8)

       Only the module type "session" is provided.

       pam_snapper - PAM module which creates filesystem snapshots via "snapper"

debug
           Switch on debugging in the module.

       homeprefix=prefix
           Prefix for the name of the snapper configuration. The username will be appended to this prefix.

           Default: "home_"

       ignoreservices=commaseparatedlistofservices
           Default: "crond"

       ignoreusers=commaseparatedlistofusers
           Default: (none)

       rootasroot
           Perform a snapshot using the snapper configuration "root" if the user "root" logs in. In other words:
           the homeprefix is not used in this case. As the snapper configuration "root" is used for the system
           (the root filesystem), this means that with every login of the user "root" the complete "/"
           filesystem will be snapshotted. This can be useful to help administrators rolling back in case their
           activity / configuration changes have been accidentally wrong.

           "rootasroot" and "ignoreroot" are mutually exclusive.

       ignoreroot
           No snapshot is taken, if the user "root" opens/closes a session.

           "rootasroot" and "ignoreroot" are mutually exclusive.

       openonly
           Only create a single snapshot when opening the PAM session.

           Default: create pre- and post-snapshots

       closeonly
           Only create a single snapshot when closing the PAM session.

           Default: create pre- and post-snapshots

       cleanup=cleanup-algorithm
           Set snapper cleanup algorithm.

           Default: (none)

       PAM_SUCCESS
           pam_snapper will always return PAM_SUCCESS, to not prevent users from login, in case a snapshot
           fails. This may change in the future.

snapper(8), pam.conf(5), pam(8), pam_snapper_homeconvert, pam_snapper_pamconfig, pam_snapper_useradd,
       pam_snapper_userdel

pam_snapper.so [debug] [homeprefix=prefix] [ignoreservices=services] [ignoreusers=users] [rootasroot]
                      [ignoreroot] [openonly] [closeonly] [cleanup=algorithm]