diff options
| author | paul <paul> | 2003-08-12 12:54:13 +0000 |
|---|---|---|
| committer | paul <paul> | 2003-08-12 12:54:13 +0000 |
| commit | 6bd8fd3bb063a64d6e929910d297e2d8a760aea9 (patch) | |
| tree | 983d515a6a29011136fe8be67b00552d248f8ea0 /redhat/quagga.pam | |
| parent | 7190f4ea215c294abc269b6dfa12f5f114bd2ed6 (diff) | |
2003-08-12 Paul Jakma <paul@dishone.st>
* redhat/: zebra.{logrotate,pam,spec.in} ->
quagga.{logrotate,pam,spec.in}.
Diffstat (limited to 'redhat/quagga.pam')
| -rw-r--r-- | redhat/quagga.pam | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/redhat/quagga.pam b/redhat/quagga.pam new file mode 100644 index 00000000..f5b306e3 --- /dev/null +++ b/redhat/quagga.pam @@ -0,0 +1,26 @@ +#%PAM-1.0 +# + +##### if running zebra as root: +# Only allow root (and possibly wheel) to use this because enable access +# is unrestricted. +auth sufficient /lib/security/pam_rootok.so + +# Uncomment the following line to implicitly trust users in the "wheel" group. +#auth sufficient /lib/security/pam_wheel.so trust use_uid +# Uncomment the following line to require a user to be in the "wheel" group. +#auth required /lib/security/pam_wheel.so use_uid +########################################################### + +# If using zebra privileges and with a seperate group for vty access, then +# access can be controlled via the vty access group, and pam can simply +# check for valid user/password +# +# only allow local users. +auth required /lib/security/pam_securetty.so +auth required /lib/security/pam_stack.so service=system-auth +auth required /lib/security/pam_nologin.so +account required /lib/security/pam_stack.so service=system-auth +password required /lib/security/pam_stack.so service=system-auth +session required /lib/security/pam_stack.so service=system-auth +session optional /lib/security/pam_console.so |