diff options
author | Deposite Pirate | 2018-09-16 18:47:05 +0200 |
---|---|---|
committer | Deposite Pirate | 2018-09-16 18:47:05 +0200 |
commit | f29d3519ce073ec30f99754d93304324f7f26d65 (patch) | |
tree | 24082fb10d4979792f67961c24a812644210db34 /base/bin/config/pam.d |
Initial commit.
Diffstat (limited to 'base/bin/config/pam.d')
25 files changed, 190 insertions, 0 deletions
diff --git a/base/bin/config/pam.d/Makefile b/base/bin/config/pam.d/Makefile new file mode 100644 index 0000000..74076ab --- /dev/null +++ b/base/bin/config/pam.d/Makefile @@ -0,0 +1,17 @@ +include ../common.mk + +FILES_BASE = other system-auth system-local-login system-login system-remote-login system-services +FILES_UTIL = chage chfn chgpasswd chpasswd chsh groupadd groupdel groupmems groupmod login newusers passwd shadow su su-l useradd userdel usermod + +# $(INSTALLDAT) $(FILES_BASE) $(DESTDIR)$(PAMPOLICYDIR) + +install-pam-policy-dir: + $(INSTALLDIR) $(DESTDIR)$(PAMPOLICYDIR) + +install-pam-policy-base: install-pam-policy-dir + for file in $(FILES_BASE); do $(INSTALLDAT) $$file $(DESTDIR)$(PAMPOLICYDIR)/$$file$(EXT); done + +install-pam-policy-util: install-pam-policy-dir + for file in $(FILES_UTIL); do $(INSTALLDAT) $$file $(DESTDIR)$(PAMPOLICYDIR)/$$file$(EXT); done + +.PHONY: install-pam-policy-dir install-pam-policy-base install-pam-policy-util diff --git a/base/bin/config/pam.d/chage b/base/bin/config/pam.d/chage new file mode 100644 index 0000000..a7bf8a4 --- /dev/null +++ b/base/bin/config/pam.d/chage @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_unix.so +account required pam_unix.so +session required pam_unix.so +password required pam_permit.so diff --git a/base/bin/config/pam.d/chfn b/base/bin/config/pam.d/chfn new file mode 100644 index 0000000..a7bf8a4 --- /dev/null +++ b/base/bin/config/pam.d/chfn @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_unix.so +account required pam_unix.so +session required pam_unix.so +password required pam_permit.so diff --git a/base/bin/config/pam.d/chgpasswd b/base/bin/config/pam.d/chgpasswd new file mode 100644 index 0000000..8f49f5c --- /dev/null +++ b/base/bin/config/pam.d/chgpasswd @@ -0,0 +1,4 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +account required pam_permit.so +password include system-auth diff --git a/base/bin/config/pam.d/chpasswd b/base/bin/config/pam.d/chpasswd new file mode 100644 index 0000000..5d44798 --- /dev/null +++ b/base/bin/config/pam.d/chpasswd @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_unix.so +account required pam_unix.so +session required pam_unix.so +password required pam_unix.so sha512 shadow diff --git a/base/bin/config/pam.d/chsh b/base/bin/config/pam.d/chsh new file mode 100644 index 0000000..a7bf8a4 --- /dev/null +++ b/base/bin/config/pam.d/chsh @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_unix.so +account required pam_unix.so +session required pam_unix.so +password required pam_permit.so diff --git a/base/bin/config/pam.d/groupadd b/base/bin/config/pam.d/groupadd new file mode 100644 index 0000000..a7bf8a4 --- /dev/null +++ b/base/bin/config/pam.d/groupadd @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_unix.so +account required pam_unix.so +session required pam_unix.so +password required pam_permit.so diff --git a/base/bin/config/pam.d/groupdel b/base/bin/config/pam.d/groupdel new file mode 100644 index 0000000..a7bf8a4 --- /dev/null +++ b/base/bin/config/pam.d/groupdel @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_unix.so +account required pam_unix.so +session required pam_unix.so +password required pam_permit.so diff --git a/base/bin/config/pam.d/groupmems b/base/bin/config/pam.d/groupmems new file mode 100644 index 0000000..8f49f5c --- /dev/null +++ b/base/bin/config/pam.d/groupmems @@ -0,0 +1,4 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +account required pam_permit.so +password include system-auth diff --git a/base/bin/config/pam.d/groupmod b/base/bin/config/pam.d/groupmod new file mode 100644 index 0000000..a7bf8a4 --- /dev/null +++ b/base/bin/config/pam.d/groupmod @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_unix.so +account required pam_unix.so +session required pam_unix.so +password required pam_permit.so diff --git a/base/bin/config/pam.d/login b/base/bin/config/pam.d/login new file mode 100644 index 0000000..1960d94 --- /dev/null +++ b/base/bin/config/pam.d/login @@ -0,0 +1,7 @@ +#%PAM-1.0 + +auth required pam_securetty.so +auth requisite pam_nologin.so +auth include system-local-login +account include system-local-login +session include system-local-login diff --git a/base/bin/config/pam.d/newusers b/base/bin/config/pam.d/newusers new file mode 100644 index 0000000..5d44798 --- /dev/null +++ b/base/bin/config/pam.d/newusers @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_unix.so +account required pam_unix.so +session required pam_unix.so +password required pam_unix.so sha512 shadow diff --git a/base/bin/config/pam.d/other b/base/bin/config/pam.d/other new file mode 100644 index 0000000..08498b4 --- /dev/null +++ b/base/bin/config/pam.d/other @@ -0,0 +1,5 @@ +#%PAM-1.0 +auth required pam_unix.so +account required pam_unix.so +password required pam_unix.so +session required pam_unix.so diff --git a/base/bin/config/pam.d/passwd b/base/bin/config/pam.d/passwd new file mode 100644 index 0000000..ab56da4 --- /dev/null +++ b/base/bin/config/pam.d/passwd @@ -0,0 +1,4 @@ +#%PAM-1.0 +#password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 +#password required pam_unix.so sha512 shadow use_authtok +password required pam_unix.so sha512 shadow nullok diff --git a/base/bin/config/pam.d/shadow b/base/bin/config/pam.d/shadow new file mode 100644 index 0000000..a7bf8a4 --- /dev/null +++ b/base/bin/config/pam.d/shadow @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_unix.so +account required pam_unix.so +session required pam_unix.so +password required pam_permit.so diff --git a/base/bin/config/pam.d/su b/base/bin/config/pam.d/su new file mode 100644 index 0000000..cf15f40 --- /dev/null +++ b/base/bin/config/pam.d/su @@ -0,0 +1,9 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +# Uncomment the following line to implicitly trust users in the "wheel" group. +#auth sufficient pam_wheel.so trust use_uid +# Uncomment the following line to require a user to be in the "wheel" group. +#auth required pam_wheel.so use_uid +auth required pam_unix.so +account required pam_unix.so +session required pam_unix.so diff --git a/base/bin/config/pam.d/su-l b/base/bin/config/pam.d/su-l new file mode 100644 index 0000000..cf15f40 --- /dev/null +++ b/base/bin/config/pam.d/su-l @@ -0,0 +1,9 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +# Uncomment the following line to implicitly trust users in the "wheel" group. +#auth sufficient pam_wheel.so trust use_uid +# Uncomment the following line to require a user to be in the "wheel" group. +#auth required pam_wheel.so use_uid +auth required pam_unix.so +account required pam_unix.so +session required pam_unix.so diff --git a/base/bin/config/pam.d/system-auth b/base/bin/config/pam.d/system-auth new file mode 100644 index 0000000..b28a7e9 --- /dev/null +++ b/base/bin/config/pam.d/system-auth @@ -0,0 +1,17 @@ +#%PAM-1.0 + +auth required pam_env.so +auth required pam_unix.so try_first_pass nullok +auth optional pam_permit.so + +account required pam_unix.so +account optional pam_permit.so +account required pam_time.so + +password required pam_unix.so try_first_pass nullok sha512 shadow +password optional pam_permit.so + +session required pam_limits.so +session required pam_env.so +session required pam_unix.so +session optional pam_permit.so diff --git a/base/bin/config/pam.d/system-local-login b/base/bin/config/pam.d/system-local-login new file mode 100644 index 0000000..347b815 --- /dev/null +++ b/base/bin/config/pam.d/system-local-login @@ -0,0 +1,6 @@ +#%PAM-1.0 + +auth include system-login +account include system-login +password include system-login +session include system-login diff --git a/base/bin/config/pam.d/system-login b/base/bin/config/pam.d/system-login new file mode 100644 index 0000000..394419b --- /dev/null +++ b/base/bin/config/pam.d/system-login @@ -0,0 +1,19 @@ +#%PAM-1.0 + +auth required pam_tally2.so onerr=succeed file=/var/log/faillog +auth required pam_shells.so +auth requisite pam_nologin.so +auth include system-auth + +account required pam_access.so +account required pam_nologin.so +account include system-auth + +password include system-auth + +session optional pam_loginuid.so +session required pam_env.so +session include system-auth +session optional pam_motd.so motd=/etc/motd +session optional pam_mail.so dir=/var/spool/mail standard quiet +-session optional pam_systemd.so diff --git a/base/bin/config/pam.d/system-remote-login b/base/bin/config/pam.d/system-remote-login new file mode 100644 index 0000000..347b815 --- /dev/null +++ b/base/bin/config/pam.d/system-remote-login @@ -0,0 +1,6 @@ +#%PAM-1.0 + +auth include system-login +account include system-login +password include system-login +session include system-login diff --git a/base/bin/config/pam.d/system-services b/base/bin/config/pam.d/system-services new file mode 100644 index 0000000..311c0d6 --- /dev/null +++ b/base/bin/config/pam.d/system-services @@ -0,0 +1,11 @@ +#%PAM-1.0 + +auth sufficient pam_permit.so + +account include system-auth + +session optional pam_loginuid.so +session required pam_limits.so +session required pam_env.so +session required pam_unix.so +session optional pam_permit.so diff --git a/base/bin/config/pam.d/useradd b/base/bin/config/pam.d/useradd new file mode 100644 index 0000000..a7bf8a4 --- /dev/null +++ b/base/bin/config/pam.d/useradd @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_unix.so +account required pam_unix.so +session required pam_unix.so +password required pam_permit.so diff --git a/base/bin/config/pam.d/userdel b/base/bin/config/pam.d/userdel new file mode 100644 index 0000000..a7bf8a4 --- /dev/null +++ b/base/bin/config/pam.d/userdel @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_unix.so +account required pam_unix.so +session required pam_unix.so +password required pam_permit.so diff --git a/base/bin/config/pam.d/usermod b/base/bin/config/pam.d/usermod new file mode 100644 index 0000000..a7bf8a4 --- /dev/null +++ b/base/bin/config/pam.d/usermod @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_unix.so +account required pam_unix.so +session required pam_unix.so +password required pam_permit.so |