diff options
author | Simon Rettberg | 2016-04-25 11:42:14 +0200 |
---|---|---|
committer | Simon Rettberg | 2016-04-25 11:42:14 +0200 |
commit | 9fe0323d0defaf4dbe1e118a282b331dc8a4d7c2 (patch) | |
tree | e470bbda16369322876d207d2c31e7a2c2a12239 /server/modules/pam-bwidm-freiburg/etc/pam.d/common-account | |
parent | [kernel-vanilla] 4.4.8 (diff) | |
download | tm-scripts-9fe0323d0defaf4dbe1e118a282b331dc8a4d7c2.tar.gz tm-scripts-9fe0323d0defaf4dbe1e118a282b331dc8a4d7c2.tar.xz tm-scripts-9fe0323d0defaf4dbe1e118a282b331dc8a4d7c2.zip |
[pam-bwidm] minor cleanup
Diffstat (limited to 'server/modules/pam-bwidm-freiburg/etc/pam.d/common-account')
-rw-r--r-- | server/modules/pam-bwidm-freiburg/etc/pam.d/common-account | 14 |
1 files changed, 3 insertions, 11 deletions
diff --git a/server/modules/pam-bwidm-freiburg/etc/pam.d/common-account b/server/modules/pam-bwidm-freiburg/etc/pam.d/common-account index da270620..d8c9be5e 100644 --- a/server/modules/pam-bwidm-freiburg/etc/pam.d/common-account +++ b/server/modules/pam-bwidm-freiburg/etc/pam.d/common-account @@ -6,22 +6,14 @@ # the central access policy for use on the system. The default is to # only deny service to users whose accounts are expired in /etc/shadow. # -# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. -# To take advantage of this, it is recommended that you configure any -# local modules either before or after the default block, and use -# pam-auth-update to manage selection of other modules. See -# pam-auth-update(8) for details. -# # here are the per-package modules (the "Primary" block) -account [success=3 new_authtok_reqd=done default=ignore] pam_exec.so quiet debug /opt/openslx/scripts/pam_bwidm -account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so use_first_pass -account [success=1 new_authtok_reqd=done default=ignore] pam_sss.so use_first_pass +account [success=3 new_authtok_reqd=done default=ignore] pam_unix.so +account [success=2 new_authtok_reqd=done default=ignore] pam_exec.so quiet /opt/openslx/scripts/pam_bwidm +account [success=1 new_authtok_reqd=done default=ignore] pam_sss.so # here's the fallback if no module succeeds account requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around account required pam_permit.so -# and here are more per-package modules (the "Additional" block) -# end of pam-auth-update config |