common-account 903 B

1234567891011121314151617181920
  1. #
  2. # /etc/pam.d/common-account - authorization settings common to all services
  3. #
  4. # This file is included from other service-specific PAM config files,
  5. # and should contain a list of the authorization modules that define
  6. # the central access policy for use on the system. The default is to
  7. # only deny service to users whose accounts are expired in /etc/shadow.
  8. #
  9. # here are the per-package modules (the "Primary" block)
  10. account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so
  11. # here's the fallback if no module succeeds
  12. account requisite pam_deny.so
  13. # prime the stack with a positive return value if there isn't one already;
  14. # this avoids us returning an error just because nothing sets a success code
  15. # since the modules above will each just jump around
  16. account required pam_permit.so
  17. # and here are more per-package modules (the "Additional" block)
  18. # end of pam-auth-update config