freebsd-dev/etc/pam.d/login
Dag-Erling Smørgrav a87cdc1598 Use pam_lastlog(8)'s new no_fail option.
Sponsored by:	DARPA, NAI Labs
2002-05-08 00:33:02 +00:00

34 lines
971 B
Bash

#
# $FreeBSD$
#
# PAM configuration for the "login" service
#
# auth
auth required pam_nologin.so no_warn
auth sufficient pam_self.so no_warn
auth sufficient pam_opie.so no_warn no_fake_prompts
auth requisite pam_opieaccess.so no_warn
#auth sufficient pam_kerberosIV.so no_warn try_first_pass
#auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
auth required pam_unix.so no_warn try_first_pass nullok
# account
#account required pam_kerberosIV.so
#account required pam_krb5.so
account required pam_login_access.so
account required pam_securetty.so
account required pam_unix.so
# session
#session required pam_kerberosIV.so
#session required pam_krb5.so
#session required pam_ssh.so
session required pam_lastlog.so no_fail
# password
#password sufficient pam_kerberosIV.so no_warn try_first_pass
#password sufficient pam_krb5.so no_warn try_first_pass
password required pam_unix.so no_warn try_first_pass