diff options
| author |   Benda Xu <heroxbd@gentoo.org> | 2013-10-31 20:20:56 +0900 |
|---|---|---|
| committer | Benda Xu <heroxbd@gentoo.org> | 2013-10-31 20:20:56 +0900 |
| commit | 383972cafb27122f55309592fd71d66c8dd2abbb (patch) | |
| tree | 66e93a04e9b7888ea57b39f2f70ee19d115cd8c0 /sys-apps/shadow/files/pam.d-include/su | |
| parent | revert bootstrap script from schoopy, before fully reviewed. (diff) | |
| download | heroxbd-383972cafb27122f55309592fd71d66c8dd2abbb.tar.gz heroxbd-383972cafb27122f55309592fd71d66c8dd2abbb.tar.bz2 heroxbd-383972cafb27122f55309592fd71d66c8dd2abbb.zip | |
track shadow for Prefix support
Diffstat (limited to 'sys-apps/shadow/files/pam.d-include/su')
| -rw-r--r-- | sys-apps/shadow/files/pam.d-include/su | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/sys-apps/shadow/files/pam.d-include/su b/sys-apps/shadow/files/pam.d-include/su new file mode 100644 index 0000000..d15c7ed --- /dev/null +++ b/sys-apps/shadow/files/pam.d-include/su @@ -0,0 +1,32 @@ +#%PAM-1.0 + +auth sufficient pam_rootok.so + +# If you want to restrict users begin allowed to su even more, +# create /etc/security/suauth.allow (or to that matter) that is only +# writable by root, and add users that are allowed to su to that +# file, one per line. +#auth required pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.allow + +# Uncomment this to allow users in the wheel group to su without +# entering a passwd. +#auth sufficient pam_wheel.so use_uid trust + +# Alternatively to above, you can implement a list of users that do +# not need to supply a passwd with a list. +#auth sufficient pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.nopass + +# Comment this to allow any user, even those not in the 'wheel' +# group to su +auth required pam_wheel.so use_uid + +auth include system-auth + +account include system-auth + +password include system-auth + +session include system-auth +session required pam_env.so +session optional pam_xauth.so + |