pam.conf   [plain text]


# Configuration file for Pluggable Authentication Modules (PAM).
#
# This file controls the authentication methods that login and other
# utilities use.  See pam(8) for a description of its format.
#
# Note: the final entry must say "required" -- otherwise, things don't
# work quite right.  If you delete the final entry, be sure to change
# "sufficient" to "required" in the entry before it.
#
# $Id: pam.conf,v 1.19 2001/08/20 08:02:49 lukeh Exp $

# chkpasswd: auth account
chkpasswd       auth       required       pam_unix.so
chkpasswd       account    required       pam_unix.so

# ftpd: auth account
ftpd            auth       required       pam_unix.so
ftpd            account    required       pam_unix.so

# login: auth account password session
login           auth       required       pam_unix.so
login           account    required       pam_unix.so
login           password   required       pam_netinfo.so
login           session    required       pam_permit.so

#login           auth       sufficient     pam_krb5.so
#login           account    optional       pam_krb5.so
#login           password   optional       pam_krb5.so
#login           session    optional       pam_krb5.so

# CheckPassword framework: auth account
CheckPassword   auth       required       pam_unix.so
CheckPassword   auth       sufficient     pam_directoryservice.so use_first_pass
CheckPassword   account    required       pam_unix.so

# loginwindow: auth account password session
loginwindow     auth       optional       pam_keychain.so use_first_pass
loginwindow     auth       required       pam_unix.so
loginwindow     account    required       pam_unix.so
loginwindow     password   required       pam_netinfo.so
loginwindow     session    required       pam_permit.so

#loginwindow     auth       sufficient     pam_krb5.so
#loginwindow     account    optional       pam_krb5.so
#loginwindow     password   optional       pam_krb5.so
#loginwindow     session    optional       pam_krb5.so

# passwd: password
passwd          password   required       pam_netinfo.so
#passwd		password   optional       pam_tim.so    try_first_pass
#passwd		password   optional       pam_nis.so    try_first_pass
#passwd		password   optional       pam_krb5.so   try_first_pass

# popper: auth aaccount session
popper          auth       required       pam_unix.so
popper          account    required       pam_unix.so
popper          session    required       pam_unix.so

# rlogin: auth account
#rlogin          auth       required       pam_unix.so
#rlogin          account    required       pam_unix.so

# rsh: auth account session
rsh             auth       required       pam_unix.so
rsh             account    required       pam_unix.so
rsh             session    required       pam_permit.so

# su: auth account session
su       	auth       sufficient     pam_rootok.so no_warn
su       	auth       requisite      pam_wheel.so	auth_as_self
su       	auth       required       pam_unix.so	try_first_pass nullok
su       	account    required       pam_unix.so
su       	password   required       pam_netinfo.so
su       	session    required       pam_unix.so

# other: auth account password session
other           auth       required       pam_deny.so
other           account    required       pam_deny.so
other           password   required       pam_deny.so
other           session    required       pam_deny.so