-
Notifications
You must be signed in to change notification settings - Fork 41
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
commit 295d0bc made it so we ship per-distro pam files upstream. This commit updates those PAM files to be the latest version we ship in Fedora. https://bugzilla.gnome.org/show_bug.cgi?id=675085
- Loading branch information
Showing
5 changed files
with
59 additions
and
48 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,10 +1,16 @@ | ||
| #%PAM-1.0 | ||
| #%PAM-1.0 | ||
| auth required pam_env.so | ||
| auth required pam_permit.so | ||
| auth include postlogin | ||
| account required pam_nologin.so | ||
| account include system-auth | ||
| password include system-auth | ||
| session optional pam_keyinit.so force revoke | ||
| session include system-auth | ||
| session required pam_selinux.so close | ||
| session required pam_loginuid.so | ||
| session optional pam_console.so | ||
| -session optional pam_ck_connector.so | ||
| session required pam_selinux.so open | ||
| session optional pam_keyinit.so force revoke | ||
| session required pam_namespace.so | ||
| session include system-auth | ||
| session include postlogin |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,17 +1,18 @@ | ||
| # Sample PAM file for doing fingerprint authentication. | ||
| # Distros should replace this with what makes sense for them. | ||
| auth required pam_env.so | ||
| auth required pam_fprintd.so | ||
| auth sufficient pam_succeed_if.so uid >= 500 quiet | ||
| auth required pam_deny.so | ||
| auth substack fingerprint-auth | ||
| auth required pam_succeed_if.so user != root quiet | ||
| auth include postlogin | ||
|
|
||
| account required pam_unix.so | ||
| account sufficient pam_localuser.so | ||
| account sufficient pam_succeed_if.so uid < 500 quiet | ||
| account required pam_permit.so | ||
| account required pam_nologin.so | ||
| account include fingerprint-auth | ||
|
|
||
| password required pam_deny.so | ||
| password include fingerprint-auth | ||
|
|
||
| session optional pam_keyinit.so revoke | ||
| session required pam_limits.so | ||
| session required pam_unix.so | ||
| session required pam_selinux.so close | ||
| session required pam_loginuid.so | ||
| session optional pam_console.so | ||
| -session optional pam_ck_connector.so | ||
| session required pam_selinux.so open | ||
| session optional pam_keyinit.so force revoke | ||
| session required pam_namespace.so | ||
| session include fingerprint-auth | ||
| session include postlogin |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,19 +1,21 @@ | ||
| # Sample PAM file for doing password authentication. | ||
| # Distros should replace this with what makes sense for them. | ||
| auth required pam_env.so | ||
| auth sufficient pam_unix.so nullok try_first_pass | ||
| auth requisite pam_succeed_if.so uid >= 500 quiet | ||
| auth required pam_deny.so | ||
| auth [success=done ignore=ignore default=bad] pam_selinux_permit.so | ||
| auth substack password-auth | ||
| auth required pam_succeed_if.so user != root quiet | ||
| auth optional pam_gnome_keyring.so | ||
| auth include postlogin | ||
|
|
||
| account required pam_unix.so | ||
| account sufficient pam_localuser.so | ||
| account sufficient pam_succeed_if.so uid < 500 quiet | ||
| account required pam_permit.so | ||
| account required pam_nologin.so | ||
| account include password-auth | ||
|
|
||
| password requisite pam_cracklib.so try_first_pass retry=3 type= | ||
| password sufficient pam_unix.so nullok try_first_pass use_authtok | ||
| password required pam_deny.so | ||
| password include password-auth | ||
|
|
||
| session optional pam_keyinit.so revoke | ||
| session required pam_limits.so | ||
| session required pam_unix.so | ||
| session required pam_selinux.so close | ||
| session required pam_loginuid.so | ||
| session optional pam_console.so | ||
| -session optional pam_ck_connector.so | ||
| session required pam_selinux.so open | ||
| session optional pam_keyinit.so force revoke | ||
| session required pam_namespace.so | ||
| session include password-auth | ||
| session optional pam_gnome_keyring.so auto_start | ||
| session include postlogin |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,18 +1,18 @@ | ||
| # Sample PAM file for doing smartcard authentication. | ||
| # Distros should replace this with what makes sense for them. | ||
| auth required pam_env.so | ||
| auth [success=done ignore=ignore default=die] pam_pkcs11.so wait_for_card card_only | ||
| auth requisite pam_succeed_if.so uid >= 500 quiet | ||
| auth required pam_deny.so | ||
| auth substack smartcard-auth | ||
| auth required pam_succeed_if.so user != root quiet | ||
| auth include postlogin | ||
|
|
||
| account required pam_unix.so | ||
| account sufficient pam_localuser.so | ||
| account sufficient pam_succeed_if.so uid < 500 quiet | ||
| account required pam_permit.so | ||
| account required pam_nologin.so | ||
| account include smartcard-auth | ||
|
|
||
| password optional pam_pkcs11.so | ||
| password requisite pam_cracklib.so try_first_pass retry=3 type= | ||
| password include smartcard-auth | ||
|
|
||
| session optional pam_keyinit.so revoke | ||
| session required pam_limits.so | ||
| session required pam_unix.so | ||
| session required pam_selinux.so close | ||
| session required pam_loginuid.so | ||
| session optional pam_console.so | ||
| -session optional pam_ck_connector.so | ||
| session required pam_selinux.so open | ||
| session optional pam_keyinit.so force revoke | ||
| session required pam_namespace.so | ||
| session include smartcard-auth | ||
| session include postlogin |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,9 +1,11 @@ | ||
| #%PAM-1.0 | ||
| auth required pam_env.so | ||
| auth required pam_permit.so | ||
| auth include postlogin | ||
| account required pam_nologin.so | ||
| account include system-auth | ||
| password include system-auth | ||
| session required pam_loginuid.so | ||
| session optional pam_keyinit.so force revoke | ||
| session include system-auth | ||
| session include postlogin |