SOURCES: system-auth.pamd - don't call pam_env twice (auth is enou...
baggins
baggins at pld-linux.org
Mon Mar 26 16:03:32 CEST 2007
Author: baggins Date: Mon Mar 26 14:03:32 2007 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- don't call pam_env twice (auth is enough)
- don't use pam_nologin for generic auth
- added example pam_pwgen
- added (commented) pam_exec make tp password
---- Files affected:
SOURCES:
system-auth.pamd (1.5 -> 1.6)
---- Diffs:
================================================================
Index: SOURCES/system-auth.pamd
diff -u SOURCES/system-auth.pamd:1.5 SOURCES/system-auth.pamd:1.6
--- SOURCES/system-auth.pamd:1.5 Sat Feb 17 21:40:02 2007
+++ SOURCES/system-auth.pamd Mon Mar 26 16:03:26 2007
@@ -1,18 +1,18 @@
#%PAM-1.0
auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist onerr=succeed
auth required pam_env.so
-auth required pam_unix.so try_first_pass
auth required pam_tally.so deny=0 file=/var/log/faillog onerr=succeed
-auth required pam_nologin.so
+auth required pam_unix.so try_first_pass
account required pam_tally.so file=/var/log/faillog onerr=succeed
account required pam_unix.so
+# password [success=1 ignore=reset abort=die default=bad] pam_pwgen.so upper=1 digit=1
password required pam_cracklib.so try_first_pass difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
password required pam_unix.so try_first_pass blowfish shadow use_authtok
+# password required pam_exec.so failok seteuid /usr/bin/make -C /var/db
session optional pam_keyinit.so revoke
-session required pam_env.so
session required pam_limits.so change_uid
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so
================================================================
---- CVS-web:
http://cvs.pld-linux.org/SOURCES/system-auth.pamd?r1=1.5&r2=1.6&f=u
More information about the pld-cvs-commit
mailing list