diff options
| -rw-r--r-- | remote/modules/pam/data/etc/pam.d/common-account | 1 | ||||
| -rw-r--r-- | remote/modules/pam/data/etc/pam.d/common-auth | 3 | ||||
| -rw-r--r-- | remote/modules/pam/data/etc/pam.d/common-session | 6 | ||||
| -rw-r--r-- | remote/modules/pam/pam.conf | 1 |
4 files changed, 3 insertions, 8 deletions
diff --git a/remote/modules/pam/data/etc/pam.d/common-account b/remote/modules/pam/data/etc/pam.d/common-account index 26055551..3a5d5a14 100644 --- a/remote/modules/pam/data/etc/pam.d/common-account +++ b/remote/modules/pam/data/etc/pam.d/common-account @@ -23,5 +23,4 @@ account requisite pam_deny.so # since the modules above will each just jump around account required pam_permit.so # and here are more per-package modules (the "Additional" block) -account required pam_krb5.so # end of pam-auth-update config diff --git a/remote/modules/pam/data/etc/pam.d/common-auth b/remote/modules/pam/data/etc/pam.d/common-auth index 088ed13f..1fa577e7 100644 --- a/remote/modules/pam/data/etc/pam.d/common-auth +++ b/remote/modules/pam/data/etc/pam.d/common-auth @@ -14,8 +14,7 @@ # pam-auth-update(8) for details. # here are the per-package modules (the "Primary" block) -auth [success=3 default=ignore] pam_krb5.so minimum_uid=1000 -auth [success=2 default=ignore] pam_unix.so try_first_pass +auth [success=2 default=ignore] pam_unix.so auth [success=1 default=ignore] pam_ldap.so use_first_pass nullok_secure # here's the fallback if no module succeeds auth requisite pam_deny.so diff --git a/remote/modules/pam/data/etc/pam.d/common-session b/remote/modules/pam/data/etc/pam.d/common-session index e3180dd4..c5813892 100644 --- a/remote/modules/pam/data/etc/pam.d/common-session +++ b/remote/modules/pam/data/etc/pam.d/common-session @@ -26,10 +26,8 @@ session required pam_permit.so # See "man pam_umask". session optional pam_umask.so # and here are more per-package modules (the "Additional" block) -session [success=3] pam_unix.so -session [success=2] pam_krb5.so minimum_uid=1000 -session [success=1] pam_ldap.so +session [success=1] pam_unix.so +session [success=ok] pam_ldap.so session optional pam_mkhomedir.so skel=/etc/skel umask=0022 -session optional pam_script.so session required pam_systemd.so kill-session-processes=1 # end of pam-auth-update config diff --git a/remote/modules/pam/pam.conf b/remote/modules/pam/pam.conf index bbdd610f..e5bd35c6 100644 --- a/remote/modules/pam/pam.conf +++ b/remote/modules/pam/pam.conf @@ -22,7 +22,6 @@ REQUIRED_CONTENT_PACKAGES=" krb5-user krb5-config libpam-krb5 - libpam-mount ldap-utils libnfsidmap2 nfs-common |