blob: 00cd3bdcca3a37d5f7e95f226680010b72b4111c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
#%PAM-1.0
auth sufficient /lib/security/pam_rootok.so
# If you want to restrict users begin allowed to su even more,
# create /etc/security/suauth.allow (or to that matter) that is only
# writable by root, and add users that are allowed to su to that
# file, one per line.
#auth required /lib/security/pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.allow
# Uncomment this to allow users in the wheel group to su without
# entering a passwd.
#auth sufficient /lib/security/pam_wheel.so use_uid trust
# Alternatively to above, you can implement a list of users that do
# not need to supply a passwd with a list.
#auth sufficient /lib/security/pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.nopass
# Comment this to allow any user, even those not in the 'wheel'
# group to su
auth required /lib/security/pam_wheel.so use_uid
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_xauth.so
|
GitWeb
