| 788cdc6d |
1 | #%PAM-1.0 |
| 2 | # |
| edd7c245 |
3 | |
| 5f5eab78 |
4 | ##### if running quagga as root: |
| 788cdc6d |
5 | # Only allow root (and possibly wheel) to use this because enable access |
| 6 | # is unrestricted. |
| 9abb7b78 |
7 | auth sufficient /lib/security/pam_rootok.so |
| 788cdc6d |
8 | |
| 788cdc6d |
9 | # Uncomment the following line to implicitly trust users in the "wheel" group. |
| 10 | #auth sufficient /lib/security/pam_wheel.so trust use_uid |
| 11 | # Uncomment the following line to require a user to be in the "wheel" group. |
| 12 | #auth required /lib/security/pam_wheel.so use_uid |
| edd7c245 |
13 | ########################################################### |
| 14 | |
| 5f5eab78 |
15 | # If using quagga privileges and with a seperate group for vty access, then |
| edd7c245 |
16 | # access can be controlled via the vty access group, and pam can simply |
| 17 | # check for valid user/password |
| 18 | # |
| 19 | # only allow local users. |
| 20 | auth required /lib/security/pam_securetty.so |
| 21 | auth required /lib/security/pam_stack.so service=system-auth |
| 22 | auth required /lib/security/pam_nologin.so |
| 23 | account required /lib/security/pam_stack.so service=system-auth |
| 24 | password required /lib/security/pam_stack.so service=system-auth |
| 25 | session required /lib/security/pam_stack.so service=system-auth |
| 26 | session optional /lib/security/pam_console.so |
projects / mirror_frr.git / blame