diff options
author | davidovski <david@davidovski.xyz> | 2022-04-11 13:30:34 +0100 |
---|---|---|
committer | davidovski <david@davidovski.xyz> | 2022-04-11 13:30:34 +0100 |
commit | bce4ac0f65ffb8bedcdcbdb94eb796457b12f9e1 (patch) | |
tree | 5070b9f21b192e6aa0f2a92584a7cbbc6a00d68c /extra/shadow | |
parent | 65f2daa1e41f38db5e29a73af9c02d6c390b1d24 (diff) |
added files for pam and shadow
Diffstat (limited to 'extra/shadow')
-rw-r--r-- | extra/shadow/chage.pamd | 11 | ||||
-rw-r--r-- | extra/shadow/chpasswd.pamd | 12 | ||||
-rw-r--r-- | extra/shadow/login.pamd | 46 | ||||
-rw-r--r-- | extra/shadow/newusers.pamd | 12 | ||||
-rw-r--r-- | extra/shadow/passwd.pamd | 6 | ||||
-rw-r--r-- | extra/shadow/su.pamd | 27 |
6 files changed, 114 insertions, 0 deletions
diff --git a/extra/shadow/chage.pamd b/extra/shadow/chage.pamd new file mode 100644 index 0000000..3f277f8 --- /dev/null +++ b/extra/shadow/chage.pamd @@ -0,0 +1,11 @@ +# Begin /etc/pam.d/chage + +# always allow root +auth sufficient pam_rootok.so + +# include system auth and account settings +auth include system-auth +account include system-account + +# End /etc/pam.d/chage + diff --git a/extra/shadow/chpasswd.pamd b/extra/shadow/chpasswd.pamd new file mode 100644 index 0000000..81afbee --- /dev/null +++ b/extra/shadow/chpasswd.pamd @@ -0,0 +1,12 @@ +# Begin /etc/pam.d/newusers + +# always allow root +auth sufficient pam_rootok.so + +# include system auth and account settings +auth include system-auth +account include system-account +password include system-password + +# End /etc/pam.d/newusers + diff --git a/extra/shadow/login.pamd b/extra/shadow/login.pamd new file mode 100644 index 0000000..c6410c1 --- /dev/null +++ b/extra/shadow/login.pamd @@ -0,0 +1,46 @@ +# Begin /etc/pam.d/login + +# Set failure delay before next prompt to 3 seconds +auth optional pam_faildelay.so delay=3000000 + +# Check to make sure that the user is allowed to login +auth requisite pam_nologin.so + +# Check to make sure that root is allowed to login +# Disabled by default. You will need to create /etc/securetty +# file for this module to function. See man 5 securetty. +#auth required pam_securetty.so + +# Additional group memberships - disabled by default +#auth optional pam_group.so + +# include system auth settings +auth include system-auth + +# check access for the user +account required pam_access.so + +# include system account settings +account include system-account + +# Set default environment variables for the user +session required pam_env.so + +# Set resource limits for the user +session required pam_limits.so + +# Display date of last login - Disabled by default +#session optional pam_lastlog.so + +# Display the message of the day - Disabled by default +#session optional pam_motd.so + +# Check user's mail - Disabled by default +#session optional pam_mail.so standard quiet + +# include system session and password settings +session include system-session +password include system-password + +# End /etc/pam.d/login + diff --git a/extra/shadow/newusers.pamd b/extra/shadow/newusers.pamd new file mode 100644 index 0000000..57f5cfa --- /dev/null +++ b/extra/shadow/newusers.pamd @@ -0,0 +1,12 @@ +# Begin /etc/pam.d/chpasswd + +# always allow root +auth sufficient pam_rootok.so + +# include system auth and account settings +auth include system-auth +account include system-account +password include system-password + +# End /etc/pam.d/chpasswd + diff --git a/extra/shadow/passwd.pamd b/extra/shadow/passwd.pamd new file mode 100644 index 0000000..83459e3 --- /dev/null +++ b/extra/shadow/passwd.pamd @@ -0,0 +1,6 @@ +# Begin /etc/pam.d/passwd + +password include system-password + +# End /etc/pam.d/passwd + diff --git a/extra/shadow/su.pamd b/extra/shadow/su.pamd new file mode 100644 index 0000000..ca6ab90 --- /dev/null +++ b/extra/shadow/su.pamd @@ -0,0 +1,27 @@ +# Begin /etc/pam.d/su + +# always allow root +auth sufficient pam_rootok.so + +# Allow users in the wheel group to execute su without a password +# disabled by default +#auth sufficient pam_wheel.so trust use_uid + +# include system auth settings +auth include system-auth + +# limit su to users in the wheel group +# disabled by default +#auth required pam_wheel.so use_uid + +# include system account settings +account include system-account + +# Set default environment variables for the service user +session required pam_env.so + +# include system session settings +session include system-session + +# End /etc/pam.d/su + |