From: Todd C. Miller Date: Mon, 6 Sep 2004 16:10:42 +0000 (+0000) Subject: Update for current redhat/fedora core. X-Git-Tag: SUDO_1_6_8p1~44 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e410bbb589d4b0ae38e91d104a746935c236ba70;p=sudo Update for current redhat/fedora core. --- diff --git a/sample.pam b/sample.pam index b2efeabb7..603fdede6 100644 --- a/sample.pam +++ b/sample.pam @@ -1,8 +1,30 @@ #%PAM-1.0 -# Sample /etc/pam.d/sudo file for RedHat Linux 5.0 and above. -# This is where you configure your authorization method. The uncommented -# line below does 'normal' (/etc/passwd) authentication. The commented line -# just above is what I use on my system, which allows my users to validate -# against our Windows NT domain. - GJC -#auth required /lib/security/pam_smb_auth.so -auth required /lib/security/pam_pwdb.so shadow nullok +# Sample /etc/pam.d/sudo file for RedHat 9 / Fedora Core. +# For other Linux distributions you may want to +# use /etc/pam.d/sshd or /etc/pam.d/su as a guide. +# +# There are two basic ways to configure PAM, either via pam_stack +# or by explicitly specifying the various methods to use. +# +# Here we use pam_stack +auth required pam_stack.so service=system-auth +account required pam_stack.so service=system-auth +password required pam_stack.so service=system-auth +session required pam_stack.so service=system-auth +# +# Alternately, you can specify the authentication method directly. +# Here we use pam_unix for normal password authentication. +#auth required pam_env.so +#auth sufficient pam_unix.so +#account required pam_unix.so +#password required pam_cracklib.so retry=3 type= +#password required pam_unix.so nullok use_authtok md5 shadow +#session required pam_limits.so +#session required pam_unix.so +# +# Another option is to use SMB for authentication. +#auth required pam_env.so +#auth sufficient pam_smb_auth.so +#account required pam_smb_auth.so +#password required pam_smb_auth.so +#session required pam_limits.so