pam: Let pam.d/cron include common-account.

author Matthijs Kooijman <matthijs@stdin.nl>

Tue, 30 Dec 2008 23:00:45 +0000 (00:00 +0100)

committer Matthijs Kooijman <matthijs@stdin.nl>

Tue, 30 Dec 2008 23:00:45 +0000 (00:00 +0100)
author Matthijs Kooijman <matthijs@stdin.nl>
Tue, 30 Dec 2008 23:00:45 +0000 (00:00 +0100)
committer Matthijs Kooijman <matthijs@stdin.nl>
Tue, 30 Dec 2008 23:00:45 +0000 (00:00 +0100)
diff --git a/etc/pam.d/cron b/etc/pam.d/cron

index 938d30f297dc0ef8cfb5651bb6385a9ce9f345cd..d85f4138357ec080003270e3843e818d68b6ee48 100644 (file)
--- a/etc/pam.d/cron
+++ b/etc/pam.d/cron
@@ -2,15 +2,13 @@
  # The PAM configuration file for the cron daemon
  #
  
+# cron uses pam_set_cred so it needs a working auth section. It does not do
+# any other real authentication.
  auth          sufficient          pam_unix.so
-@include      common-auth
  
-# This is required instead of sufficient, since pam_unix mostly does checks
-# based on NSS, so this will also work for ldap users.
-account       required          pam_unix.so
-# We use a custom control spec so we won't fail on user_unknown special
-account       [success=ok new_authtok_reqd=ok user_unknown=ignore ignore=ignore default=bad] pam_ldap.so
+@include      common-auth
  
+@include      common-account
  
  @include      common-session
author	Matthijs Kooijman <matthijs@stdin.nl>
	Tue, 30 Dec 2008 23:00:45 +0000 (00:00 +0100)
committer	Matthijs Kooijman <matthijs@stdin.nl>
	Tue, 30 Dec 2008 23:00:45 +0000 (00:00 +0100)