diff options
author | Duncan Wilkie <duncannwilkie@gmail.com> | 2023-06-07 13:30:34 -0500 |
---|---|---|
committer | Duncan Wilkie <duncannwilkie@gmail.com> | 2023-06-07 13:30:34 -0500 |
commit | fd0da00ba501f37efea1cbfb89414cde847c48c3 (patch) | |
tree | 415d44be4d202afd25cdc02c3bbcc21afcd84472 /system-auth | |
parent | 8e7b13c1059e001b8fd652fd5b1b2f87b866377a (diff) |
Drastic config changes and a temporary file totally unrelated.
Diffstat (limited to 'system-auth')
-rw-r--r-- | system-auth | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/system-auth b/system-auth new file mode 100644 index 0000000..81f5aed --- /dev/null +++ b/system-auth @@ -0,0 +1,28 @@ +#%PAM-1.0 + +auth required pam_faillock.so preauth +# Optionally use requisite above if you do not want to prompt for the password +# on locked accounts. +-auth [success=2 default=ignore] pam_systemd_home.so +auth required pam_usb.so +auth [success=1 default=bad] pam_unix.so try_first_pass nullok +auth [default=die] pam_faillock.so authfail +auth optional pam_permit.so +auth required pam_env.so +auth required pam_faillock.so authsucc +# If you drop the above call to pam_faillock.so the lock will be done also +# on non-consecutive authentication failures. + +-account [success=1 default=ignore] pam_systemd_home.so +account required pam_unix.so +account optional pam_permit.so +account required pam_time.so + +-password [success=1 default=ignore] pam_systemd_home.so +password required pam_unix.so try_first_pass nullok shadow sha512 +password optional pam_permit.so + +-session optional pam_systemd_home.so +session required pam_limits.so +session required pam_unix.so +session optional pam_permit.so |