From accf8825e343d9df0a65aecadd601ba9f9c0cf7a Mon Sep 17 00:00:00 2001
From: Jonathan Bauer
Date: Sun, 7 Apr 2013 11:31:04 +0200
Subject: PAM: first check unix, then LDAP

---
 remote/modules/pam/data/etc/pam.d/common-account | 4 ++--
 remote/modules/pam/data/etc/pam.d/common-auth    | 4 ++--
 remote/modules/pam/data/etc/pam.d/common-session | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)

(limited to 'remote/modules')

diff --git a/remote/modules/pam/data/etc/pam.d/common-account b/remote/modules/pam/data/etc/pam.d/common-account
index 93eaac32..3a5d5a14 100644
--- a/remote/modules/pam/data/etc/pam.d/common-account
+++ b/remote/modules/pam/data/etc/pam.d/common-account
@@ -14,8 +14,8 @@
 #
 
 # here are the per-package modules (the "Primary" block)
-account [success=2 new_authtok_reqd=done default=ignore]	pam_ldap.so
-account	[success=1 new_authtok_reqd=done default=ignore]	pam_unix.so use_first_pass
+account	[success=2 new_authtok_reqd=done default=ignore]	pam_unix.so
+account [success=1 new_authtok_reqd=done default=ignore]	pam_ldap.so use_first_pass
 # here's the fallback if no module succeeds
 account	requisite			pam_deny.so
 # prime the stack with a positive return value if there isn't one already;
diff --git a/remote/modules/pam/data/etc/pam.d/common-auth b/remote/modules/pam/data/etc/pam.d/common-auth
index 9b610419..1fa577e7 100644
--- a/remote/modules/pam/data/etc/pam.d/common-auth
+++ b/remote/modules/pam/data/etc/pam.d/common-auth
@@ -14,8 +14,8 @@
 # pam-auth-update(8) for details.
 
 # here are the per-package modules (the "Primary" block)
-auth	[success=2 default=ignore]	pam_ldap.so
-auth	[success=1 default=ignore]	pam_unix.so use_first_pass nullok_secure
+auth	[success=2 default=ignore]	pam_unix.so
+auth	[success=1 default=ignore]	pam_ldap.so use_first_pass nullok_secure
 # here's the fallback if no module succeeds
 auth	requisite			pam_deny.so
 # prime the stack with a positive return value if there isn't one already;
diff --git a/remote/modules/pam/data/etc/pam.d/common-session b/remote/modules/pam/data/etc/pam.d/common-session
index 0fd7b0af..b130bb1f 100644
--- a/remote/modules/pam/data/etc/pam.d/common-session
+++ b/remote/modules/pam/data/etc/pam.d/common-session
@@ -26,7 +26,7 @@ session	required			pam_permit.so
 # See "man pam_umask".
 session optional			pam_umask.so
 # and here are more per-package modules (the "Additional" block)
-session [success=1]	pam_ldap.so
-session	[success=ok]	pam_unix.so 
+session	[success=1]	pam_unix.so 
+session [success=ok]	pam_ldap.so
 session	optional			pam_ck_connector.so nox11
 # end of pam-auth-update config
-- 
cgit v1.2.3-55-g7522