In Linux, what is /etc/security?

What is this directory for? Is it part of POSIX? Is it part of the Linux Standard Base? Is it enforced by the kernel or is it more of a distro feature? Where can I find further documentation about it?


Good question, since you will hardly find any documentation that directly answers your questions. I'd say it's part of the LSB, as once you install your Linux system you'll already find this directory created. Moreover, using the apt-file utility on Debian systems you'll see this:

pi@rpi ~ $ apt-file search '/etc/security'
debian-edu-config: /etc/security/pam_mount-stateless-debian-edu.conf
debian-edu-config: /etc/security/pam_mount-winbind-debian-edu.conf
libpam-abl: /etc/security/pam_abl.conf
libpam-blue: /etc/security/bluesscan.conf
libpam-cap: /etc/security/capability.conf
libpam-chroot: /etc/security/chroot.conf
libpam-duo: /etc/security/pam_duo.conf
libpam-encfs: /etc/security/pam_encfs.conf
libpam-modules: /etc/security/access.conf
libpam-modules: /etc/security/group.conf
libpam-modules: /etc/security/limits.conf
libpam-modules: /etc/security/namespace.conf
libpam-modules: /etc/security/namespace.init
libpam-modules: /etc/security/pam_env.conf
libpam-modules: /etc/security/sepermit.conf
libpam-modules: /etc/security/time.conf
libpam-mount: /etc/security/pam_mount.conf.xml
libpam-rsa: /etc/security/pamrsakp.cnf
libpam-shield: /etc/security/shield.conf
libpam-unix2: /etc/security/pam_unix2.default
login-duo: /etc/security/login_duo.conf
rainbow: /etc/security/console.perms.d/51-rainbow.perms
uhd-host: /etc/security/limits.d/uhd.conf

So, there's not a package that concretely creates this directory; that's why I assume it's part of the LSB.

However, I don't think this is part of the kernel. As you can see above, there are many packages that use this directory to put files inside, and as far as I know, it is distro dependent. For example, systems that use systemd mostly ignore the content of the /etc/security directory.

Regarding functionality, most of the files define limits to resources. As you can see above, most of the files in this directory are related to PAM packages, so in this case you can control how many users you will allow in the system at a time, for example. You can also control how many open files a process can handle, defining both soft and hard limits.

As this is package dependent, you can use man on the several files you'll find inside (e.g., man limits.conf), but there's not a man page that explains the whole directory itself.


Most of the files under /etc/security are installed with PAM, but occasionally another package will sneak one in.

suse-linux> rpm -qf /etc/security/*
pam-1.1.8-12.4.x86_64
pam-1.1.8-12.4.x86_64
pam-1.1.8-12.4.x86_64
pam-1.1.8-12.4.x86_64
pam-1.1.8-12.4.x86_64
pam-1.1.8-12.4.x86_64
samba-winbind-4.2.4-21.3.x86_64
libpwquality1-1.2.3-5.1.x86_64
pam-1.1.8-12.4.x86_64
pam-1.1.8-12.4.x86_64

Most of the /etc/security/* files are config files for various PAM modules (e.g. pam_access).

Often there are commented examples in these files, but if there aren't, hit the man page for them (e.g. "man access.conf").

If you don't see the PAM module listed in /etc/pam.d/* then nothing will use the values you add to its respective config file in /etc/security/.
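
The check described in the last answer, as an added example that is not part of the original posts: for each /etc/security/*.conf file it looks for a non-comment line under /etc/pam.d that loads the matching module. The file-to-module mapping (access.conf to pam_access, pam_env.conf to pam_env) is a naming heuristic and an assumption; files that do not follow it need a manual check, and the function names are made up for this example.

```shell
#!/bin/sh
# Added example: flag /etc/security/*.conf files whose PAM module is not
# loaded by any service file in /etc/pam.d (so their settings have no effect).

# Heuristic (assumption): access.conf -> pam_access, pam_env.conf -> pam_env
module_for() {
    base=$(basename "$1" .conf)
    case "$base" in
        pam_*) printf '%s\n' "$base" ;;
        *)     printf 'pam_%s\n' "$base" ;;
    esac
}

# Succeeds if a non-comment line under the pam.d directory loads the module.
# $1 = module name, $2 = pam.d directory
module_enabled() {
    # Drop comment lines first, then look for "<module>.so" as a whole word,
    # with or without a leading path such as /lib/security/.
    grep -rEhv '^[[:space:]]*#' "$2" 2>/dev/null |
        grep -Eq "(^|[[:space:]/])$1\.so([[:space:]]|\$)"
}

# Print "ACTIVE|INACTIVE <module> <file>" for every *.conf in the directory.
# $1 = security dir (default /etc/security), $2 = pam.d dir (default /etc/pam.d)
audit_security_dir() {
    secdir=${1:-/etc/security}
    pamdir=${2:-/etc/pam.d}
    for f in "$secdir"/*.conf; do
        [ -e "$f" ] || continue          # glob matched nothing
        mod=$(module_for "$f")
        if module_enabled "$mod" "$pamdir"; then
            printf 'ACTIVE   %s %s\n' "$mod" "$f"
        else
            printf 'INACTIVE %s %s\n' "$mod" "$f"
        fi
    done
}

# Usage on a live system:  audit_security_dir /etc/security /etc/pam.d
```

An INACTIVE line means edits to that file are silently ignored until the module is added to a service's PAM stack; an ACTIVE line only shows the module is loaded by some service, not by every one.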