mirror of
git://slackware.nl/current.git
synced 2025-01-30 08:38:10 +01:00
080300e1e7
a/kernel-firmware-20200206_5351afe-noarch-1.txz: Upgraded. ap/ghostscript-9.50-x86_64-2.txz: Rebuilt. Recompiled against krb5-1.17.1. ap/gutenprint-5.3.3-x86_64-2.txz: Rebuilt. Recompiled against krb5-1.17.1. ap/nano-4.8-x86_64-1.txz: Upgraded. ap/screen-4.8.0-x86_64-1.txz: Upgraded. ap/vim-8.2.0224-x86_64-1.txz: Upgraded. d/cvs-1.11.23-x86_64-4.txz: Rebuilt. Recompiled against krb5-1.17.1. d/strace-5.5-x86_64-1.txz: Upgraded. kde/kdelibs-4.14.38-x86_64-6.txz: Rebuilt. Recompiled against krb5-1.17.1. l/gtk+2-2.24.32-x86_64-3.txz: Rebuilt. Recompiled against krb5-1.17.1. l/gtk+3-3.24.13-x86_64-2.txz: Rebuilt. Recompiled against krb5-1.17.1. l/libsoup-2.68.3-x86_64-2.txz: Rebuilt. Recompiled against krb5-1.17.1. l/libssh-0.9.3-x86_64-2.txz: Rebuilt. Recompiled against krb5-1.17.1. l/loudmouth-1.5.3-x86_64-4.txz: Rebuilt. Recompiled against krb5-1.17.1. l/neon-0.30.2-x86_64-2.txz: Rebuilt. Recompiled against krb5-1.17.1. n/cifs-utils-6.10-x86_64-2.txz: Rebuilt. Recompiled to build cifs.upcall. n/curl-7.68.0-x86_64-2.txz: Rebuilt. Recompiled against krb5-1.17.1. n/cyrus-sasl-2.1.27-x86_64-2.txz: Rebuilt. Recompiled against krb5-1.17.1. xap/vim-gvim-8.2.0224-x86_64-1.txz: Upgraded.
96 lines
3.2 KiB
Text
96 lines
3.2 KiB
Text
#%PAM-1.0
|
|
#
|
|
# Most of these PAM modules have man pages included, like
|
|
# PAM_UNIX(8) for example.
|
|
#
|
|
|
|
##################
|
|
# Authentication #
|
|
##################
|
|
#
|
|
# To set a limit on failed authentications, the tallying modules
|
|
# can be enabled.
|
|
#
|
|
auth required pam_env.so
|
|
auth required pam_tally2.so
|
|
#
|
|
auth sufficient pam_unix.so likeauth nullok
|
|
auth required pam_deny.so
|
|
auth optional pam_gnome_keyring.so
|
|
|
|
##################
|
|
# Account checks #
|
|
##################
|
|
#
|
|
# Only root can login if file /etc/nologin exists.
|
|
# This is equivalent to NOLOGINS_FILE on login.defs
|
|
#
|
|
account required pam_nologin.so
|
|
#
|
|
# Enable restrictions by time, specified in /etc/security/time.conf
|
|
# This is equivalent to PORTTIME_CHECKS_ENAB on login.defs
|
|
#
|
|
account required pam_time.so
|
|
account required pam_unix.so
|
|
account sufficient pam_succeed_if.so uid < 100 quiet
|
|
account required pam_permit.so
|
|
|
|
#####################
|
|
# Password handling #
|
|
#####################
|
|
#
|
|
# If you have CrackLib installed and enabled
|
|
#
|
|
# Passwords will be checked against a huge dictionary and need to
|
|
# have at least 6 characters (cracklib can't use 5). Some options
|
|
# of cracklib modules are:
|
|
#
|
|
# difok Number of characters that needs to be different
|
|
# between old and new characters
|
|
# minlen Password minimal length
|
|
# retry How many times the user can try bad new passwords
|
|
# dcredit,ocredit,ucredit,lcredit
|
|
# Digiti, Others, Uppercase, Lowercase characters
|
|
# Positive numbers marks the max number of credits given
|
|
# by one character class. With dcredit=5 and minlen=6, you
|
|
# can't use a full numeric password because more than 5
|
|
# digit characters doesn't count credits to achieve the
|
|
# minimal length
|
|
# Negative numbers determine that a password needs to have
|
|
# at least N characters
|
|
#
|
|
# You can see many other pam_cracklib options at pam_cracklib(8) manpage
|
|
#
|
|
# Also, the "use_authtok" option for pam_unix is for working with pam_cracklib
|
|
# in sharing the password stack. See pam_unix(8) for more details.
|
|
#
|
|
# If you need to use CrackLib to enforce your passwords, uncomment
|
|
# two statements:
|
|
#password requisite pam_cracklib.so retry=3 minlen=6 \
|
|
# difok=1 dcredit=5 ocredit=5 ucredit=5 lcredit=5
|
|
#password sufficient pam_unix.so nullok sha512 shadow minlen=6 try_first_pass use_authtok
|
|
#
|
|
# --
|
|
# A less intense option for cracklib, is:
|
|
#password requisite pam_cracklib.so retry=3
|
|
#password sufficient pam_unix.so nullok sha512 shadow minlen=6 try_first_pass use_authtok
|
|
# --
|
|
# The default is the "traditional" way without CrackLib.
|
|
# Passwords need to have at least 8 characters. If you are using Cracklib,
|
|
# please comment the next statement.
|
|
password sufficient pam_unix.so nullok sha512 shadow minlen=8
|
|
|
|
# ATTENTION: keep the line for pam_deny.so
|
|
password required pam_deny.so
|
|
|
|
#########################
|
|
# Session Configuration #
|
|
#########################
|
|
#
|
|
# This applies the limits specified in /etc/security/limits.conf
|
|
#
|
|
session required pam_limits.so
|
|
session required pam_unix.so
|
|
#session required pam_lastlog.so showfailed
|
|
#session optional pam_mail.so standard
|
|
session optional pam_gnome_keyring.so auto_start
|