diff options
Diffstat (limited to 'source/a/util-linux/pam.d')
| -rw-r--r-- | source/a/util-linux/pam.d/login | 23 | ||||
| -rw-r--r-- | source/a/util-linux/pam.d/runuser | 8 | ||||
| -rw-r--r-- | source/a/util-linux/pam.d/runuser-l | 6 | ||||
| -rw-r--r-- | source/a/util-linux/pam.d/su | 16 | ||||
| -rw-r--r-- | source/a/util-linux/pam.d/su-l | 10 |
5 files changed, 33 insertions, 30 deletions
diff --git a/source/a/util-linux/pam.d/login b/source/a/util-linux/pam.d/login index eb3121996..9209ef5bf 100644 --- a/source/a/util-linux/pam.d/login +++ b/source/a/util-linux/pam.d/login @@ -1,11 +1,14 @@ #%PAM-1.0 -auth required pam_securetty.so -auth include system-auth -auth include postlogin -account required pam_nologin.so -account include system-auth -password include system-auth -session include system-auth -session include postlogin -session required pam_loginuid.so -session optional pam_ck_connector.so nox11 +auth required pam_securetty.so +# To set a limit on failed authentications, the pam_tally2 module +# can be enabled. See pam_tally2(8) for options. +#auth required pam_tally2.so deny=4 unlock_time=1200 +auth include system-auth +auth include postlogin +account required pam_nologin.so +account include system-auth +password include system-auth +session include system-auth +session include postlogin +session required pam_loginuid.so +session optional pam_ck_connector.so nox11 diff --git a/source/a/util-linux/pam.d/runuser b/source/a/util-linux/pam.d/runuser index 37f0e84e7..5344abfe8 100644 --- a/source/a/util-linux/pam.d/runuser +++ b/source/a/util-linux/pam.d/runuser @@ -1,5 +1,5 @@ #%PAM-1.0 -auth sufficient pam_rootok.so -session optional pam_keyinit.so revoke -session required pam_limits.so -session required pam_unix.so +auth sufficient pam_rootok.so +session optional pam_keyinit.so revoke +session required pam_limits.so +session required pam_unix.so diff --git a/source/a/util-linux/pam.d/runuser-l b/source/a/util-linux/pam.d/runuser-l index fa1e4d835..5ba318ace 100644 --- a/source/a/util-linux/pam.d/runuser-l +++ b/source/a/util-linux/pam.d/runuser-l @@ -1,4 +1,4 @@ #%PAM-1.0 -auth include runuser -session optional pam_keyinit.so force revoke -session include runuser +auth include runuser +session optional pam_keyinit.so force revoke +session include runuser diff --git a/source/a/util-linux/pam.d/su b/source/a/util-linux/pam.d/su index c7c814877..c28a252ad 100644 --- a/source/a/util-linux/pam.d/su +++ b/source/a/util-linux/pam.d/su @@ -1,11 +1,11 @@ #%PAM-1.0 -auth sufficient pam_rootok.so +auth sufficient pam_rootok.so # Uncomment the following line to implicitly trust users in the "wheel" group. -#auth sufficient pam_wheel.so trust use_uid +#auth sufficient pam_wheel.so trust use_uid # Uncomment the following line to require a user to be in the "wheel" group. -#auth required pam_wheel.so use_uid -auth include system-auth -account include system-auth -password include system-auth -session include system-auth -session optional pam_xauth.so +#auth required pam_wheel.so use_uid +auth include system-auth +account include system-auth +password include system-auth +session include system-auth +session optional pam_xauth.so diff --git a/source/a/util-linux/pam.d/su-l b/source/a/util-linux/pam.d/su-l index 656a139a8..654dc24ed 100644 --- a/source/a/util-linux/pam.d/su-l +++ b/source/a/util-linux/pam.d/su-l @@ -1,6 +1,6 @@ #%PAM-1.0 -auth include su -account include su -password include su -session optional pam_keyinit.so force revoke -session include su +auth include su +account include su +password include su +session optional pam_keyinit.so force revoke +session include su |