Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed
#%PAM-1.0# this MUST be first in the "auth" stack as it sets PAM_USER# user_unknown is definitive, so die instead of ignore to avoid subsequent modules mess up the error code-auth [success=done new_authtok_reqd=done user_unknown=die default=ignore] pam_cockpit_cert.soauth required pam_sepermit.soauth substack password-authauth include postloginauth optional pam_ssh_add.soaccount required pam_nologin.soaccount include password-authpassword include password-auth# pam_selinux.so close should be the first session rulesession required pam_selinux.so closesession required pam_loginuid.so# pam_selinux.so open should only be followed by sessions to be executed in the user contextsession required pam_selinux.so open env_paramssession optional pam_keyinit.so force revokesession optional pam_ssh_add.sosession include password-authsession include postlogin