From 6bd8fd3bb063a64d6e929910d297e2d8a760aea9 Mon Sep 17 00:00:00 2001 From: paul Date: Tue, 12 Aug 2003 12:54:13 +0000 Subject: 2003-08-12 Paul Jakma * redhat/: zebra.{logrotate,pam,spec.in} -> quagga.{logrotate,pam,spec.in}. --- redhat/quagga.pam | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 redhat/quagga.pam (limited to 'redhat/quagga.pam') diff --git a/redhat/quagga.pam b/redhat/quagga.pam new file mode 100644 index 00000000..f5b306e3 --- /dev/null +++ b/redhat/quagga.pam @@ -0,0 +1,26 @@ +#%PAM-1.0 +# + +##### if running zebra as root: +# Only allow root (and possibly wheel) to use this because enable access +# is unrestricted. +auth sufficient /lib/security/pam_rootok.so + +# Uncomment the following line to implicitly trust users in the "wheel" group. +#auth sufficient /lib/security/pam_wheel.so trust use_uid +# Uncomment the following line to require a user to be in the "wheel" group. +#auth required /lib/security/pam_wheel.so use_uid +########################################################### + +# If using zebra privileges and with a seperate group for vty access, then +# access can be controlled via the vty access group, and pam can simply +# check for valid user/password +# +# only allow local users. +auth required /lib/security/pam_securetty.so +auth required /lib/security/pam_stack.so service=system-auth +auth required /lib/security/pam_nologin.so +account required /lib/security/pam_stack.so service=system-auth +password required /lib/security/pam_stack.so service=system-auth +session required /lib/security/pam_stack.so service=system-auth +session optional /lib/security/pam_console.so -- cgit v1.2.1