mirror of
git://slackware.nl/current.git
synced 2024-12-30 10:24:23 +01:00
9c5b3c5ded
a/shadow-4.8.1-x86_64-10.txz: Rebuilt. system-auth: auth required pam_unix.so [...], otherwise the stack exits before pam_gnome_keyring.so executes. Thanks to pyllyukko. Get rid of "auth required pam_deny.so" which seems like a mistake. Still pending: consider GazL's comments on moving stuff out of system-auth. a/upower-0.9.23-x86_64-5.txz: Rebuilt. Recompiled against libimobiledevice-20200615_4791a82 and libplist-2.2.0. The renaming mess initiated by libplist required a rebuild on this one to keep things consistent for now, but don't worry - we aren't going to be sticking to this version for long or anything. ap/hplip-3.20.6-x86_64-1.txz: Upgraded. ap/usbmuxd-20200615_3daa1e9-x86_64-1.txz: Upgraded. Compiled against libimobiledevice-20200615_4791a82 and libplist-2.2.0. d/bison-3.6.4-x86_64-1.txz: Upgraded. d/meson-0.54.3-x86_64-1.txz: Upgraded. d/python-setuptools-47.3.0-x86_64-1.txz: Upgraded. l/ffmpeg-4.3-x86_64-1.txz: Upgraded. l/gvfs-1.44.1-x86_64-2.txz: Rebuilt. Recompiled against libimobiledevice-20200615_4791a82 and libplist-2.2.0. l/libgpod-0.8.3-x86_64-7.txz: Rebuilt. Recompiled against libimobiledevice-20200615_4791a82 and libplist-2.2.0. l/libimobiledevice-20200615_4791a82-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/libplist-2.2.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/libusbmuxd-20200615_c7d7d1a-x86_64-1.txz: Upgraded. Shared library .so-version bump. n/fetchmail-6.4.8-x86_64-1.txz: Upgraded. n/nftables-0.9.6-x86_64-1.txz: Upgraded. extra/pure-alsa-system/ffmpeg-4.3-x86_64-1_alsa.txz: Upgraded.
69 lines
2.4 KiB
Text
69 lines
2.4 KiB
Text
#%PAM-1.0
|
|
#
|
|
# Most of these PAM modules have man pages included, like
|
|
# pam_unix(8) for example.
|
|
#
|
|
|
|
##################
|
|
# Authentication #
|
|
##################
|
|
#
|
|
auth required pam_env.so
|
|
auth optional pam_group.so
|
|
auth required pam_unix.so likeauth nullok
|
|
-auth optional pam_gnome_keyring.so
|
|
|
|
##################
|
|
# Account checks #
|
|
##################
|
|
#
|
|
# Only root can login if file /etc/nologin exists.
|
|
# This is equivalent to NOLOGINS_FILE on login.defs
|
|
#
|
|
account required pam_nologin.so
|
|
#
|
|
# Enable restrictions by time, specified in /etc/security/time.conf
|
|
# This is equivalent to PORTTIME_CHECKS_ENAB on login.defs
|
|
#
|
|
account required pam_time.so
|
|
account required pam_unix.so
|
|
account sufficient pam_succeed_if.so uid < 100 quiet
|
|
account required pam_permit.so
|
|
|
|
#############################
|
|
# Password quality checking #
|
|
#############################
|
|
#
|
|
# Please note that unless cracklib and libpwquality are installed, setting
|
|
# passwords will not work unless the lines for the pam_pwquality module are
|
|
# commented out and the line for the traditional no-quality-check password
|
|
# changing is uncommented.
|
|
#
|
|
# The pam_pwquality module will check the quality of a user-supplied password
|
|
# against the dictionary installed for cracklib. Other tests are (or may be)
|
|
# done as well - see: man pam_pwquality
|
|
#
|
|
# Default password quality checking with pam_pwquality. If you don't want
|
|
# password quality checking, comment out these two lines and uncomment the
|
|
# traditional password handling line below.
|
|
password requisite pam_pwquality.so minlen=6 retry=3
|
|
password sufficient pam_unix.so nullok sha512 shadow minlen=6 try_first_pass use_authtok
|
|
|
|
# Traditional password handling without pam_pwquality password checking.
|
|
# Commented out by default to use the two pam_pwquality lines above.
|
|
#password sufficient pam_unix.so nullok sha512 shadow minlen=6
|
|
|
|
# ATTENTION: always keep this line for pam_deny.so:
|
|
password required pam_deny.so
|
|
|
|
#########################
|
|
# Session Configuration #
|
|
#########################
|
|
#
|
|
# This applies the limits specified in /etc/security/limits.conf
|
|
#
|
|
session required pam_limits.so
|
|
session required pam_unix.so
|
|
#session required pam_lastlog.so showfailed
|
|
#session optional pam_mail.so standard
|
|
-session optional pam_gnome_keyring.so auto_start
|