diff options
| author | Simon Rettberg | 2019-09-10 17:11:47 +0200 |
|---|---|---|
| committer | Simon Rettberg | 2019-09-10 17:11:47 +0200 |
| commit | 908495f6833d66bcdd3736950aff5931184ed67b (patch) | |
| tree | 2fd580d75bc38e9bc888bba5e99bd9675f607d9f | |
| parent | [run-virt] Only wipe TMPDIR on cleanexit 0 (diff) | |
| download | mltk-908495f6833d66bcdd3736950aff5931184ed67b.tar.gz mltk-908495f6833d66bcdd3736950aff5931184ed67b.tar.xz mltk-908495f6833d66bcdd3736950aff5931184ed67b.zip | |
[pam-slx-plug] Change order in common-account: Move pam_unix before us
Our script does make round trips to LDAP under certain conditions which
is slow, so try pam_unix first.
| -rwxr-xr-x | core/modules/pam-slx-plug/data/opt/openslx/pam/systemd/create-pam-config | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/core/modules/pam-slx-plug/data/opt/openslx/pam/systemd/create-pam-config b/core/modules/pam-slx-plug/data/opt/openslx/pam/systemd/create-pam-config index a4daa837..18936603 100755 --- a/core/modules/pam-slx-plug/data/opt/openslx/pam/systemd/create-pam-config +++ b/core/modules/pam-slx-plug/data/opt/openslx/pam/systemd/create-pam-config @@ -69,14 +69,14 @@ write_sssd_config() { return 0 # OK } -# Our plugin, but account ONLY since it's fast -account+=("[success=%NUM% new_authtok_reqd=done default=ignore] pam_exec.so quiet /opt/openslx/pam/exec_account") - # unix auth+=("[success=%NUM% default=ignore] pam_unix.so nodelay") account+=("[success=%NUM% new_authtok_reqd=done default=ignore] pam_unix.so") nss+=("files" "cache") +# Our plugin, but account ONLY since it's fast (it's not if not executed in root context so move after unix) +account+=("[success=%NUM% new_authtok_reqd=done default=ignore] pam_exec.so quiet /opt/openslx/pam/exec_account") + # check for bwIDM if [ -x "/opt/openslx/scripts/pam_bwidm" ]; then auth+=("[success=%NUM% default=ignore] pam_exec.so quiet expose_authtok /opt/openslx/scripts/pam_bwidm") |