blob: 1390edf4a327d9032bb032dcf9584dd3bed16bde [file] [log] [blame]
#%PAM-1.0
#
##### if running zebra as root:
# Only allow root (and possibly wheel) to use this because enable access
# is unrestricted.
# auth sufficient /lib/security/pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient /lib/security/pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
#auth required /lib/security/pam_wheel.so use_uid
###########################################################
# If using zebra privileges and with a seperate group for vty access, then
# access can be controlled via the vty access group, and pam can simply
# check for valid user/password
#
# only allow local users.
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_console.so