source: server/fedora/config/etc/pam.d/sshd @ 477

Last change on this file since 477 was 423, checked in by quentin, 18 years ago
Tell users when they don't have tickets or don't exist
File size: 1009 bytes
Line 
1#%PAM-1.0
2# Authentication modules
3
4# If they're not root, but their user exists (success),
5auth    [success=ignore ignore=ignore default=1]        pam_succeed_if.so uid > 0
6# print the "You don't have tickets" error:
7auth    [success=die ignore=reset default=die]  pam_echo.so file=/etc/issue.net.no_tkt
8# If !(they are root),
9auth    [success=1 ignore=ignore default=ignore]        pam_succeed_if.so uid eq 0
10# print the "your account doesn't exist" error:
11auth    [success=die ignore=reset default=die]  pam_echo.so file=/etc/issue.net.no_user
12
13# Set environment variables:
14auth       required     pam_env.so
15# Use Unix authentication and succeed immediately (sufficient):
16auth       sufficient   pam_unix.so try_first_pass
17# If they somehow slipped through, deny:
18auth       required     pam_deny.so
19
20account    required     pam_nologin.so
21account    include      system-auth
22password   include      system-auth
23session    optional     pam_keyinit.so force revoke
24session    include      system-auth
25session    required     pam_loginuid.so
Note: See TracBrowser for help on using the repository browser.