From 62ad15b8497c95ec19a074fee419c754108a7cf9 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 25 Sep 2008 12:19:43 +0000 Subject: [PATCH] pam: Simplify configuration. --- etc/pam.d/common-account | 9 +++------ etc/pam.d/common-auth | 3 +-- etc/pam.d/common-password | 4 ++-- etc/pam.d/common-session | 2 +- 4 files changed, 7 insertions(+), 11 deletions(-) diff --git a/etc/pam.d/common-account b/etc/pam.d/common-account index c2e28cb..141d2c2 100644 --- a/etc/pam.d/common-account +++ b/etc/pam.d/common-account @@ -9,9 +9,6 @@ # Default was: #account required pam_unix.so # -# LDAP config copied from http://wiki.debian.org/LDAP/PAM -account required pam_unix.so -account sufficient pam_succeed_if.so uid < 1000 quiet -account [default=bad success=ok user_unknown=ignore] pam_ldap.so -account required pam_permit.so - +# LDAP config based on from http://wiki.debian.org/LDAP/PAM +account sufficient pam_ldap.so +account required pam_unix.so diff --git a/etc/pam.d/common-auth b/etc/pam.d/common-auth index aa0742c..f7bce51 100644 --- a/etc/pam.d/common-auth +++ b/etc/pam.d/common-auth @@ -11,8 +11,7 @@ # Default was: # auth required pam_unix.so nullok_secure # -# LDAP config copied from http://wiki.debian.org/LDAP/PAM +# LDAP config based on from http://wiki.debian.org/LDAP/PAM auth sufficient pam_unix.so nullok_secure -auth requisite pam_succeed_if.so uid >= 1000 quiet auth sufficient pam_ldap.so use_first_pass auth required pam_deny.so diff --git a/etc/pam.d/common-password b/etc/pam.d/common-password index 513712b..22431e9 100644 --- a/etc/pam.d/common-password +++ b/etc/pam.d/common-password @@ -24,9 +24,9 @@ # Default was: # password required pam_unix.so nullok obscure md5 # -# LDAP config copied from http://wiki.debian.org/LDAP/PAM, but with use_authtok +# LDAP config based on from http://wiki.debian.org/LDAP/PAM, but with use_authtok # options removed. -password sufficient pam_unix.so md5 obscure min=4 max=8 nullok try_first_pass +password sufficient pam_unix.so nullok obscure md5 password sufficient pam_ldap.so password required pam_deny.so diff --git a/etc/pam.d/common-session b/etc/pam.d/common-session index c6eb196..baffea8 100644 --- a/etc/pam.d/common-session +++ b/etc/pam.d/common-session @@ -10,7 +10,7 @@ # # session required pam_unix.so -# LDAP config copied from http://wiki.debian.org/LDAP/PAM +# LDAP config based on from http://wiki.debian.org/LDAP/PAM session required pam_limits.so session required pam_unix.so session optional pam_ldap.so -- 2.30.2