diff options
| author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2003-02-10 00:50:03 +0000 |
|---|---|---|
| committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2003-02-10 00:50:03 +0000 |
| commit | 75af7cb8a702c7d67cb58bfc845608453fa43738 (patch) | |
| tree | 977dcc9470d5a5c5834587ede08319b78f65a6ad | |
| parent | 87e55d07993850b80c47bc5743b9f0ceb6d65e15 (diff) | |
| download | src-75af7cb8a702c7d67cb58bfc845608453fa43738.tar.gz src-75af7cb8a702c7d67cb58bfc845608453fa43738.zip | |
Major cleanup & homogenization.
Notes
Notes:
svn path=/head/; revision=110608
| -rw-r--r-- | etc/pam.d/ftpd | 22 | ||||
| -rw-r--r-- | etc/pam.d/gdm | 23 | ||||
| -rw-r--r-- | etc/pam.d/imap | 10 | ||||
| -rw-r--r-- | etc/pam.d/kde | 21 | ||||
| -rw-r--r-- | etc/pam.d/login | 28 | ||||
| -rw-r--r-- | etc/pam.d/other | 19 | ||||
| -rw-r--r-- | etc/pam.d/passwd | 4 | ||||
| -rw-r--r-- | etc/pam.d/pop3 | 10 | ||||
| -rw-r--r-- | etc/pam.d/rexecd | 13 | ||||
| -rw-r--r-- | etc/pam.d/rsh | 10 | ||||
| -rw-r--r-- | etc/pam.d/sshd | 22 | ||||
| -rw-r--r-- | etc/pam.d/su | 53 | ||||
| -rw-r--r-- | etc/pam.d/telnetd | 25 | ||||
| -rw-r--r-- | etc/pam.d/xdm | 21 |
14 files changed, 150 insertions, 131 deletions
diff --git a/etc/pam.d/ftpd b/etc/pam.d/ftpd index bfbf9409d467..c217e0e28bfa 100644 --- a/etc/pam.d/ftpd +++ b/etc/pam.d/ftpd @@ -5,20 +5,20 @@ # # auth -auth required pam_nologin.so no_warn -#auth sufficient pam_kerberosIV.so no_warn -#auth sufficient pam_krb5.so no_warn -#auth sufficient pam_ssh.so no_warn try_first_pass -auth sufficient pam_opie.so no_warn no_fake_prompts +auth required pam_nologin.so no_warn +auth sufficient pam_opie.so no_warn no_fake_prompts auth requisite pam_opieaccess.so no_warn -auth required pam_unix.so no_warn try_first_pass +#auth sufficient pam_kerberosIV.so no_warn +#auth sufficient pam_krb5.so no_warn +#auth sufficient pam_ssh.so no_warn try_first_pass +auth required pam_unix.so no_warn try_first_pass # account -#account required pam_kerberosIV.so -#account required pam_krb5.so +#account required pam_kerberosIV.so +#account required pam_krb5.so account required pam_unix.so # session -#session required pam_kerberosIV.so -#session required pam_krb5.so -#session required pam_ssh.so +#session required pam_kerberosIV.so +#session required pam_krb5.so +session required pam_permit.so diff --git a/etc/pam.d/gdm b/etc/pam.d/gdm index a10860170ffb..7b391b7ea47a 100644 --- a/etc/pam.d/gdm +++ b/etc/pam.d/gdm @@ -5,22 +5,19 @@ # # auth -auth required pam_nologin.so no_warn -#auth sufficient pam_kerberosIV.so no_warn try_first_pass -#auth sufficient pam_krb5.so no_warn try_first_pass -#auth sufficient pam_ssh.so no_warn try_first_pass -auth required pam_unix.so no_warn try_first_pass +auth required pam_nologin.so no_warn +#auth sufficient pam_kerberosIV.so no_warn try_first_pass +#auth sufficient pam_krb5.so no_warn try_first_pass +#auth sufficient pam_ssh.so no_warn try_first_pass +auth required pam_unix.so no_warn try_first_pass # account -#account required pam_kerberosIV.so -#account required pam_krb5.so +#account required pam_kerberosIV.so +#account required pam_krb5.so account required pam_unix.so # session -#session required pam_kerberosIV.so -#session required pam_krb5.so -#session required pam_ssh.so +#session required pam_kerberosIV.so +#session required pam_krb5.so +#session optional pam_ssh.so session required pam_permit.so - -# password -password required pam_deny.so diff --git a/etc/pam.d/imap b/etc/pam.d/imap index eaf53d29a9a9..b9d3829884a6 100644 --- a/etc/pam.d/imap +++ b/etc/pam.d/imap @@ -5,8 +5,8 @@ # # auth -#auth required pam_nologin.so no_warn -#auth sufficient pam_opie.so no_warn no_fake_prompts -#auth requisite pam_opieaccess.so no_warn -#auth required pam_ssh.so no_warn try_first_pass -#auth required pam_unix.so no_warn try_first_pass +#auth required pam_nologin.so no_warn +#auth sufficient pam_kerberosIV.so no_warn try_first_pass +#auth sufficient pam_krb5.so no_warn try_first_pass +#auth sufficient pam_ssh.so no_warn try_first_pass +auth required pam_unix.so no_warn try_first_pass diff --git a/etc/pam.d/kde b/etc/pam.d/kde index 4d23ae8b1781..7b0ea45eaa3f 100644 --- a/etc/pam.d/kde +++ b/etc/pam.d/kde @@ -5,10 +5,19 @@ # # auth -auth required pam_nologin.so no_warn -auth sufficient pam_opie.so no_warn no_fake_prompts -auth requisite pam_opieaccess.so no_warn +auth required pam_nologin.so no_warn #auth sufficient pam_kerberosIV.so no_warn try_first_pass -#auth sufficient pam_krb5.so no_warn try_first_pass -#auth required pam_ssh.so no_warn try_first_pass -auth required pam_unix.so no_warn try_first_pass +#auth sufficient pam_krb5.so no_warn try_first_pass +#auth sufficient pam_ssh.so no_warn try_first_pass +auth required pam_unix.so no_warn try_first_pass + +# account +#account required pam_kerberosIV.so +#account required pam_krb5.so +account required pam_unix.so + +# session +#session required pam_kerberosIV.so +#session required pam_krb5.so +#session optional pam_ssh.so +session required pam_permit.so diff --git a/etc/pam.d/login b/etc/pam.d/login index 997879d4e0ef..748ddaa06fd2 100644 --- a/etc/pam.d/login +++ b/etc/pam.d/login @@ -5,29 +5,29 @@ # # auth -auth required pam_nologin.so no_warn -auth sufficient pam_self.so no_warn -auth sufficient pam_opie.so no_warn no_fake_prompts +auth required pam_nologin.so no_warn +auth sufficient pam_self.so no_warn +auth sufficient pam_opie.so no_warn no_fake_prompts auth requisite pam_opieaccess.so no_warn #auth sufficient pam_kerberosIV.so no_warn try_first_pass -#auth sufficient pam_krb5.so no_warn try_first_pass -#auth sufficient pam_ssh.so no_warn try_first_pass -auth required pam_unix.so no_warn try_first_pass nullok +#auth sufficient pam_krb5.so no_warn try_first_pass +#auth sufficient pam_ssh.so no_warn try_first_pass +auth required pam_unix.so no_warn try_first_pass nullok # account -#account required pam_kerberosIV.so -#account required pam_krb5.so +#account required pam_kerberosIV.so +#account required pam_krb5.so account required pam_login_access.so account required pam_securetty.so account required pam_unix.so # session -#session required pam_kerberosIV.so -#session required pam_krb5.so -#session required pam_ssh.so -session required pam_lastlog.so no_fail +#session required pam_kerberosIV.so +#session required pam_krb5.so +#session optional pam_ssh.so +session required pam_lastlog.so no_fail # password #password sufficient pam_kerberosIV.so no_warn try_first_pass -#password sufficient pam_krb5.so no_warn try_first_pass -password required pam_unix.so no_warn try_first_pass +#password sufficient pam_krb5.so no_warn try_first_pass +password required pam_unix.so no_warn try_first_pass diff --git a/etc/pam.d/other b/etc/pam.d/other index 81e0055312b4..c4fe614cf8e5 100644 --- a/etc/pam.d/other +++ b/etc/pam.d/other @@ -5,16 +5,25 @@ # # auth -auth required pam_nologin.so no_warn -auth sufficient pam_opie.so no_warn no_fake_prompts +auth required pam_nologin.so no_warn +auth sufficient pam_opie.so no_warn no_fake_prompts auth requisite pam_opieaccess.so no_warn -auth required pam_unix.so no_warn try_first_pass +#auth sufficient pam_kerberosIV.so no_warn try_first_pass +#auth sufficient pam_krb5.so no_warn try_first_pass +#auth sufficient pam_ssh.so no_warn try_first_pass +auth required pam_unix.so no_warn try_first_pass # account +#account required pam_kerberosIV.so +#account required pam_krb5.so +account required pam_login_access.so account required pam_unix.so # session -session required pam_lastlog.so no_warn no_fail +#session required pam_kerberosIV.so +#session required pam_krb5.so +#session optional pam_ssh.so +session required pam_permit.so # password -password required pam_deny.so +password required pam_permit.so diff --git a/etc/pam.d/passwd b/etc/pam.d/passwd index d732c42266f9..fb768cf66014 100644 --- a/etc/pam.d/passwd +++ b/etc/pam.d/passwd @@ -7,5 +7,5 @@ # passwd(1) does not use the auth, account or session services. # password -#password requisite pam_passwdqc.so enforce=users -password required pam_unix.so no_warn try_first_pass +#password requisite pam_passwdqc.so enforce=users +password required pam_unix.so no_warn try_first_pass diff --git a/etc/pam.d/pop3 b/etc/pam.d/pop3 index 3657f12af5d4..3e915587a065 100644 --- a/etc/pam.d/pop3 +++ b/etc/pam.d/pop3 @@ -5,8 +5,8 @@ # # auth -#auth required pam_nologin.so no_warn -#auth sufficient pam_opie.so no_warn no_fake_prompts -#auth requisite pam_opieaccess.so no_warn -#auth required pam_ssh.so no_warn try_first_pass -#auth required pam_unix.so no_warn try_first_pass +#auth required pam_nologin.so no_warn +#auth sufficient pam_kerberosIV.so no_warn try_first_pass +#auth sufficient pam_krb5.so no_warn try_first_pass +#auth sufficient pam_ssh.so no_warn try_first_pass +auth required pam_unix.so no_warn try_first_pass diff --git a/etc/pam.d/rexecd b/etc/pam.d/rexecd index 2126f86d0e6a..532348ee9278 100644 --- a/etc/pam.d/rexecd +++ b/etc/pam.d/rexecd @@ -5,12 +5,15 @@ # # auth -auth required pam_nologin.so no_warn -auth required pam_unix.so no_warn use_first_pass +auth required pam_nologin.so no_warn +auth required pam_unix.so no_warn use_first_pass # account -account required pam_unix.so no_warn -account required pam_ftpusers.so no_warn disallow +account required pam_ftpusers.so no_warn disallow +account required pam_unix.so no_warn # session -session required pam_permit.so no_warn +session required pam_permit.so + +# password +password required pam_deny.so diff --git a/etc/pam.d/rsh b/etc/pam.d/rsh index c560463b12e8..02c0048eabf1 100644 --- a/etc/pam.d/rsh +++ b/etc/pam.d/rsh @@ -5,8 +5,14 @@ # # auth -auth required pam_nologin.so no_warn -auth required pam_rhosts.so no_warn +auth required pam_nologin.so no_warn +auth required pam_rhosts.so no_warn # account account required pam_unix.so + +# session +session required pam_permit.so + +# password +password required pam_deny.so diff --git a/etc/pam.d/sshd b/etc/pam.d/sshd index 41ab3b0149f4..b4f44bc798fc 100644 --- a/etc/pam.d/sshd +++ b/etc/pam.d/sshd @@ -5,19 +5,27 @@ # # auth -auth required pam_nologin.so no_warn -auth sufficient pam_opie.so no_warn no_fake_prompts -auth required pam_opieaccess.so no_warn -#auth sufficient pam_krb5.so no_warn try_first_pass -auth required pam_unix.so no_warn try_first_pass +auth required pam_nologin.so no_warn +auth sufficient pam_opie.so no_warn no_fake_prompts +auth requisite pam_opieaccess.so no_warn +#auth sufficient pam_kerberosIV.so no_warn try_first_pass +#auth sufficient pam_krb5.so no_warn try_first_pass +#auth sufficient pam_ssh.so no_warn try_first_pass +auth required pam_unix.so no_warn try_first_pass # account +#account required pam_kerberosIV.so +#account required pam_krb5.so account required pam_login_access.so -#account required pam_krb5.so account required pam_unix.so # session +#session required pam_kerberosIV.so +#session required pam_krb5.so +#session optional pam_ssh.so session required pam_permit.so # password -password required pam_permit.so +#password sufficient pam_kerberosIV.so no_warn try_first_pass +#password sufficient pam_krb5.so no_warn try_first_pass +password required pam_unix.so no_warn try_first_pass diff --git a/etc/pam.d/su b/etc/pam.d/su index 01dd99f0fc20..18034740c3a4 100644 --- a/etc/pam.d/su +++ b/etc/pam.d/su @@ -5,49 +5,22 @@ # # auth -auth sufficient pam_rootok.so no_warn -auth sufficient pam_self.so no_warn -auth requisite pam_group.so no_warn root_only fail_safe -#auth sufficient pam_kerberosIV.so no_warn -#auth sufficient pam_krb5.so no_warn try_first_pass auth_as_self -auth sufficient pam_opie.so no_warn no_fake_prompts +auth sufficient pam_rootok.so no_warn +auth sufficient pam_self.so no_warn +auth requisite pam_group.so no_warn root_only fail_safe +auth sufficient pam_opie.so no_warn no_fake_prompts auth requisite pam_opieaccess.so no_warn -#auth required pam_ssh.so no_warn try_first_pass -auth required pam_unix.so no_warn try_first_pass nullok +#auth sufficient pam_kerberosIV.so no_warn +#auth sufficient pam_krb5.so no_warn try_first_pass auth_as_self +#auth required pam_ssh.so no_warn try_first_pass +auth required pam_unix.so no_warn try_first_pass nullok # account -#account required pam_kerberosIV.so -#account required pam_krb5.so +#account required pam_kerberosIV.so +#account required pam_krb5.so account required pam_unix.so # session -#session required pam_kerberosIV.so -#session required pam_krb5.so -#session required pam_ssh.so - -# password -password required pam_permit.so - - -# If you want a "WHEELSU"-type su(1), then comment out the -# above, and uncomment the entries below. -## auth -#auth sufficient pam_rootok.so no_warn -##auth sufficient pam_kerberosIV.so no_warn -##auth sufficient pam_krb5.so no_warn -#auth required pam_opie.so no_warn auth_as_self no_fake_prompts -#auth required pam_unix.so no_warn try_first_pass auth_as_self - -## account -##account required pam_kerberosIV.so -##account required pam_krb5.so -#account required pam_unix.so - -## session -##session required pam_kerberosIV.so -##session required pam_krb5.so -##session required pam_ssh.so -#session required pam_unix.so - -## password -#password required pam_permit.so +#session required pam_kerberosIV.so +#session required pam_krb5.so +#session optional pam_ssh.so diff --git a/etc/pam.d/telnetd b/etc/pam.d/telnetd index 25fa6cfb8f76..9934257356f2 100644 --- a/etc/pam.d/telnetd +++ b/etc/pam.d/telnetd @@ -5,10 +5,27 @@ # # auth -auth required pam_nologin.so no_warn -auth sufficient pam_opie.so no_warn no_fake_prompts -auth required pam_opieaccess.so no_warn -auth required pam_unix.so no_warn try_first_pass +auth required pam_nologin.so no_warn +auth sufficient pam_opie.so no_warn no_fake_prompts +auth requisite pam_opieaccess.so no_warn +#auth sufficient pam_kerberosIV.so no_warn try_first_pass +#auth sufficient pam_krb5.so no_warn try_first_pass +#auth sufficient pam_ssh.so no_warn try_first_pass +auth required pam_unix.so no_warn try_first_pass # account +#account required pam_kerberosIV.so +#account required pam_krb5.so +account required pam_login_access.so account required pam_unix.so + +# session +#session required pam_kerberosIV.so +#session required pam_krb5.so +#session optional pam_ssh.so +session required pam_lastlog.so no_fail + +# password +#password sufficient pam_kerberosIV.so no_warn try_first_pass +#password sufficient pam_krb5.so no_warn try_first_pass +password required pam_unix.so no_warn try_first_pass diff --git a/etc/pam.d/xdm b/etc/pam.d/xdm index 4ad29e4e9682..4dcfb4c8709a 100644 --- a/etc/pam.d/xdm +++ b/etc/pam.d/xdm @@ -5,22 +5,19 @@ # # auth -auth required pam_nologin.so no_warn +auth required pam_nologin.so no_warn #auth sufficient pam_kerberosIV.so no_warn try_first_pass -#auth sufficient pam_krb5.so no_warn try_first_pass -#auth sufficient pam_ssh.so no_warn try_first_pass -auth required pam_unix.so no_warn try_first_pass +#auth sufficient pam_krb5.so no_warn try_first_pass +#auth sufficient pam_ssh.so no_warn try_first_pass +auth required pam_unix.so no_warn try_first_pass # account -#account required pam_kerberosIV.so -#account required pam_krb5.so +#account required pam_kerberosIV.so +#account required pam_krb5.so account required pam_unix.so # session -#session required pam_kerberosIV.so -#session required pam_krb5.so -#session required pam_ssh.so +#session required pam_kerberosIV.so +#session required pam_krb5.so +#session required pam_ssh.so session required pam_permit.so - -# password -password required pam_deny.so |