diff options
| author | Jonathan Bauer | 2013-04-07 11:31:04 +0200 |
|---|---|---|
| committer | sr | 2013-04-12 19:11:42 +0200 |
| commit | accf8825e343d9df0a65aecadd601ba9f9c0cf7a (patch) | |
| tree | d00e57e543d7538f0536c9da433e8ccc13dac9ce /remote/modules/pam | |
| parent | fix3 (diff) | |
| download | tm-scripts-accf8825e343d9df0a65aecadd601ba9f9c0cf7a.tar.gz tm-scripts-accf8825e343d9df0a65aecadd601ba9f9c0cf7a.tar.xz tm-scripts-accf8825e343d9df0a65aecadd601ba9f9c0cf7a.zip | |
PAM: first check unix, then LDAP
Diffstat (limited to 'remote/modules/pam')
| -rw-r--r-- | remote/modules/pam/data/etc/pam.d/common-account | 4 | ||||
| -rw-r--r-- | remote/modules/pam/data/etc/pam.d/common-auth | 4 | ||||
| -rw-r--r-- | remote/modules/pam/data/etc/pam.d/common-session | 4 |
3 files changed, 6 insertions, 6 deletions
diff --git a/remote/modules/pam/data/etc/pam.d/common-account b/remote/modules/pam/data/etc/pam.d/common-account index 93eaac32..3a5d5a14 100644 --- a/remote/modules/pam/data/etc/pam.d/common-account +++ b/remote/modules/pam/data/etc/pam.d/common-account @@ -14,8 +14,8 @@ # # here are the per-package modules (the "Primary" block) -account [success=2 new_authtok_reqd=done default=ignore] pam_ldap.so -account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so use_first_pass +account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so +account [success=1 new_authtok_reqd=done default=ignore] pam_ldap.so use_first_pass # here's the fallback if no module succeeds account requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; diff --git a/remote/modules/pam/data/etc/pam.d/common-auth b/remote/modules/pam/data/etc/pam.d/common-auth index 9b610419..1fa577e7 100644 --- a/remote/modules/pam/data/etc/pam.d/common-auth +++ b/remote/modules/pam/data/etc/pam.d/common-auth @@ -14,8 +14,8 @@ # pam-auth-update(8) for details. # here are the per-package modules (the "Primary" block) -auth [success=2 default=ignore] pam_ldap.so -auth [success=1 default=ignore] pam_unix.so use_first_pass nullok_secure +auth [success=2 default=ignore] pam_unix.so +auth [success=1 default=ignore] pam_ldap.so use_first_pass nullok_secure # here's the fallback if no module succeeds auth requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; diff --git a/remote/modules/pam/data/etc/pam.d/common-session b/remote/modules/pam/data/etc/pam.d/common-session index 0fd7b0af..b130bb1f 100644 --- a/remote/modules/pam/data/etc/pam.d/common-session +++ b/remote/modules/pam/data/etc/pam.d/common-session @@ -26,7 +26,7 @@ session required pam_permit.so # See "man pam_umask". session optional pam_umask.so # and here are more per-package modules (the "Additional" block) -session [success=1] pam_ldap.so -session [success=ok] pam_unix.so +session [success=1] pam_unix.so +session [success=ok] pam_ldap.so session optional pam_ck_connector.so nox11 # end of pam-auth-update config |