paul | 8570676 | 2005-11-04 12:25:23 +0000 | [diff] [blame^] | 1 | #%PAM-1.0 |
| 2 | # |
| 3 | |
| 4 | ##### if running quagga as root: |
| 5 | # Only allow root (and possibly wheel) to use this because enable access |
| 6 | # is unrestricted. |
| 7 | auth sufficient /lib/security/$ISA/pam_rootok.so |
| 8 | |
| 9 | # Uncomment the following line to implicitly trust users in the "wheel" group. |
| 10 | #auth sufficient /lib/security/$ISA/pam_wheel.so trust use_uid |
| 11 | # Uncomment the following line to require a user to be in the "wheel" group. |
| 12 | #auth required /lib/security/$ISA/pam_wheel.so use_uid |
| 13 | ########################################################### |
| 14 | |
| 15 | # If using quagga privileges and with a seperate group for vty access, then |
| 16 | # access can be controlled via the vty access group, and pam can simply |
| 17 | # check for valid user/password, eg: |
| 18 | # |
| 19 | # only allow local users. |
| 20 | #auth required /lib/security/$ISA/pam_securetty.so |
| 21 | #auth required /lib/security/$ISA/pam_stack.so service=system-auth |
| 22 | #auth required /lib/security/$ISA/pam_nologin.so |
| 23 | #account required /lib/security/$ISA/pam_stack.so service=system-auth |
| 24 | #password required /lib/security/$ISA/pam_stack.so service=system-auth |
| 25 | #session required /lib/security/$ISA/pam_stack.so service=system-auth |
| 26 | #session optional /lib/security/$ISA/pam_console.so |