summaryrefslogtreecommitdiffstats
path: root/etc/pam.d
Commit message (Collapse)AuthorAgeFilesLines
* Silence pam_lastlog for now.des2002-07-071-1/+1
|
* We don't use this any more.des2002-06-192-10/+1
| | | | Sponsored by: DARPA, NAI Labs
* Enable OPIE for sshd and telnetd. I thought I'd done this a long timedes2002-06-192-0/+4
| | | | | | ago... Sponsored by: DARPA, NAI Labs
* Use pam_lastlog(8)'s new no_fail option.des2002-05-083-3/+3
| | | | Sponsored by: DARPA, NAI Labs
* Add a PAM policy for rexecd(8).des2002-05-022-1/+17
| | | | Sponsored by: DARPA, NAI Labs
* xdm plays horrid tricks with PAM, and dumps core if it's allowed to calldes2002-05-022-0/+2
| | | | | | | | pam_lastlog, so add a dummy session chain to avoid using the one from pam.d/other. I assume gdm does something similar, so give it a dummy session chain as well. Sponsored by: DARPA, NAI Labs.
* Add no_warn to pam_lastlog. This should prevent xdm from dumping coredes2002-04-291-1/+1
| | | | when linked with Linux-PAM.
* Don't list pam_unix in the session chain, since it does not provide anydes2002-04-189-11/+1
| | | | | | session management services. Sponsored by: DARPA, NAI Labs
* Fixed bugs in previous revision:ru2002-04-181-20/+6
| | | | | | | | | | | | | Added NOOBJ if anyone even attempts to "make obj" here. Revert to installing files with mode 644 except README. Make this overall look like a BSD-style Makefile rather than roll-your-own (this is not a bug). For the record. Previous revision also fixed the breakage introduced by the sys.mk,v 1.60 commit: bsd.own.mk is no longer automatically included from sys.mk. Reported by: jhay
* Use ${FILES} and <bsd.prog.mk> rather than roll-your-own.des2002-04-181-22/+21
|
* Add PAM policy for the "passwd" service, including a sample config linedes2002-04-152-0/+12
| | | | | | for pam_passwdqc. Sponsored by: DARPA, NAI Labs
* Add pam_lastlog(8) here since I removed lastlog support from sshd.des2002-04-151-0/+1
| | | | Sponsored by: DARPA, NAI Labs
* Use pam_rhosts(8).des2002-04-121-1/+1
|
* If used, pam_ssh should be marked "sufficient", not "required".des2002-04-081-1/+1
| | | | Sponsored by: DARPA, NAI Labs
* Switch over to using pam_login_access(8) module in sshd(8).ru2002-03-261-0/+1
| | | | | | (Fixes static compilation. Reduces diffs to OpenSSH.) Reviewed by: bde
* Add missing "nullok" option to pam_unix.des2002-02-081-1/+1
|
* Add pam_self(8) so users can login(1) as themselves without authentication,des2002-01-301-0/+4
| | | | | | | | pam_login_access(8) and pam_securetty(8) to enforce various checks previously done by login(1) but now handled by PAM, and pam_lastlog(8) to record login sessions in utmp / wtmp / lastlog. Sponsored by: DARPA, NAI Labs
* Use pam_self(8) to allow users to su(1) to themselves without authentication.des2002-01-301-0/+1
| | | | Sponsored by: DARPA, NAI Labs
* Enable OPIE by default, using the no_fake_prompts option to hide it fromdes2002-01-219-23/+40
| | | | | | | | | | | | | | users who don't wish to use it. If the admin is worried about leaking information about which users exist and which have OPIE enabled, the no_fake_prompts option can simply be removed. Also insert the appropriate pam_opieaccess lines after pam_opie to break the chain in case the user is logging in from an untrusted host, or has a .opiealways file. The entire opieaccess / opiealways concept is slightly unpammish, but admins familiar with OPIE will expect it to work. Reviewed by: ache, markm Sponsored by: DARPA, NAI Labs
* Really back out ache's commits. These files are now precisely as they weredes2002-01-193-4/+7
| | | | twentyfour hours ago, except for RCS ids.
* Back out recent changesache2002-01-193-3/+3
|
* Turn on pam_opie by default. It should not affect non-OPIE users.ache2002-01-191-1/+1
|
* Turn on pam_opie by default. It not affect non-OPIE usersache2002-01-191-2/+1
|
* Previous commit was incomplete, useache2002-01-191-1/+1
| | | | | "[default=ignore success=done cred_err=die]" options instead of "required"
* Remove explaining comment and pam_unix commented out, now pam_unix can beache2002-01-191-4/+1
| | | | chained with pam_opie
* Change comment since fallback provided now not by ftpd but by pam_opieache2002-01-191-1/+2
|
* Unmunge the version preservation code and obfuscate it so CVS won't mungedes2002-01-121-2/+2
| | | | it all over again.
* Back out previous commit, which erroneously removed essential comments. Ides2002-01-121-1/+3
| | | | | | definitely need coffee. Apologies to: ache
* Update copyrightdes2002-01-121-1/+1
|
* Sync with pam.conf revision 1.25.des2002-01-121-3/+1
|
* Preserve FreeBSD version strings in target files.des2002-01-121-1/+11
|
* Improve pam_unix/opie related ftpd comment even moreache2002-01-021-1/+3
|
* Clarify comment about pam_unix fallback for ftpdache2002-01-011-1/+1
|
* Turn on pam_opie.so for ftpd by defaultache2002-01-011-3/+3
| | | | It not affect non-OPIE users
* Install pam.d files with mode 0644, not 0755.des2001-12-061-1/+1
|
* Makefile for pam.d configuration files.des2001-12-061-0/+24
| | | | Sponsored by: DARPA, NAI Labs
* Awright, egg on my face. I should have taken more time with this. Thedes2001-12-0517-135/+139
| | | | | | | conversion script generated the wrong format, so the configuration files didn't actually work. Good thing I hadn't thrown the switch yet... Sponsored by: DARPA, NAI Labs (but the f***ups are all mine)
* pam.d-style configuration, auto-generated from pam.conf.des2001-12-0515-0/+286
| | | | Sponsored by: DARPA, NAI Labs
* Short README for /etc/pam.d, mostly extracted from the comments in pam.conf.des2001-12-051-0/+60
|
* Perl script that splits pam.conf into separate files suitable for pam.d.des2001-12-051-0/+73
Sponsored by: DARPA, NAI Labs
OpenPOWER on IntegriCloud