Blame - redhat/quagga.pam - quagga

blob: 8ddc2bbe331f8b6f910c7bf8fdf2a80a48401e7b [file] [log] [blame]

paul	788cdc6	2003-01-18 00:22:08 +0000	[diff] [blame]	1	#%PAM-1.0
				2	#
paul	edd7c24	2003-06-04 13:59:38 +0000	[diff] [blame]	3
paul	5f5eab7	2003-08-12 12:56:00 +0000	[diff] [blame]	4	##### if running quagga as root:
paul	788cdc6	2003-01-18 00:22:08 +0000	[diff] [blame]	5	# Only allow root (and possibly wheel) to use this because enable access
				6	# is unrestricted.
paul	074a917	2004-06-06 10:27:53 +0000	[diff] [blame]	7	auth sufficient /lib/security/$ISA/pam_rootok.so
paul	788cdc6	2003-01-18 00:22:08 +0000	[diff] [blame]	8
paul	788cdc6	2003-01-18 00:22:08 +0000	[diff] [blame]	9	# Uncomment the following line to implicitly trust users in the "wheel" group.
paul	074a917	2004-06-06 10:27:53 +0000	[diff] [blame]	10	#auth sufficient /lib/security/$ISA/pam_wheel.so trust use_uid
paul	788cdc6	2003-01-18 00:22:08 +0000	[diff] [blame]	11	# Uncomment the following line to require a user to be in the "wheel" group.
paul	074a917	2004-06-06 10:27:53 +0000	[diff] [blame]	12	#auth required /lib/security/$ISA/pam_wheel.so use_uid
paul	edd7c24	2003-06-04 13:59:38 +0000	[diff] [blame]	13	###########################################################
				14
paul	5f5eab7	2003-08-12 12:56:00 +0000	[diff] [blame]	15	# If using quagga privileges and with a seperate group for vty access, then
paul	edd7c24	2003-06-04 13:59:38 +0000	[diff] [blame]	16	# access can be controlled via the vty access group, and pam can simply
paul	2f4453f	2003-08-13 06:05:01 +0000	[diff] [blame]	17	# check for valid user/password, eg:
paul	edd7c24	2003-06-04 13:59:38 +0000	[diff] [blame]	18	#
				19	# only allow local users.
paul	074a917	2004-06-06 10:27:53 +0000	[diff] [blame]	20	#auth required /lib/security/$ISA/pam_securetty.so
				21	#auth required /lib/security/$ISA/pam_stack.so service=system-auth
				22	#auth required /lib/security/$ISA/pam_nologin.so
				23	#account required /lib/security/$ISA/pam_stack.so service=system-auth
				24	#password required /lib/security/$ISA/pam_stack.so service=system-auth
				25	#session required /lib/security/$ISA/pam_stack.so service=system-auth
				26	#session optional /lib/security/$ISA/pam_console.so