Add a whole bunch of example entries for pam. This should help get

folk over various hurdles.
This commit is contained in:
Mark Murray 2000-01-04 06:08:58 +00:00
parent 32ecc7a2e7
commit fddd8ddc7f

View File

@ -9,19 +9,27 @@
#
# $FreeBSD$
# If the user can authenticate with S/Key, that's sufficient.
# If the user can authenticate with S/Key, that's sufficient; allow clear
# password. Try kerberos, then try plain unix password.
login auth sufficient pam_skey.so
# Check skey.access to make sure it is OK to let the user type in
# a cleartext password. If not, then fail right here.
login auth requisite pam_cleartext_pass_ok.so
# If you want KerberosIV authentication, uncomment the next line:
#login auth sufficient pam_kerberosIV.so try_first_pass
# Traditional getpwnam() authentication.
login auth required pam_unix.so try_first_pass
# r-utils are broken; ensure this doesn't bother folk
rshd auth sufficient pam_deny.so
# Don't break startx
xserver auth required pam_permit.so
# XDM is difficult; it fails or moans unless there are modules for each
# of the four management groups; auth, account, session and password.
xdm auth required pam_unix.so
#xdm auth sufficient pam_kerberosIV.so try_first_pass
xdm account required pam_unix.so try_first_pass
xdm session required pam_deny.so
xdm password required pam_deny.so
# If we don't match anything else, default to using getpwnam().
other auth required pam_unix.so try_first_pass
other account required pam_unix.so try_first_pass