| 788cdc6d |
1 | #%PAM-1.0 |
| 2 | # |
| edd7c245 |
3 | |
| c115e4a4 |
4 | ##### if running frr as root: |
| 788cdc6d |
5 | # Only allow root (and possibly wheel) to use this because enable access |
| 6 | # is unrestricted. |
| 8570676c |
7 | auth sufficient pam_rootok.so |
| 6031b8a3 |
8 | account sufficient pam_rootok.so |
| 788cdc6d |
9 | |
| 788cdc6d |
10 | # Uncomment the following line to implicitly trust users in the "wheel" group. |
| 8570676c |
11 | #auth sufficient pam_wheel.so trust use_uid |
| 788cdc6d |
12 | # Uncomment the following line to require a user to be in the "wheel" group. |
| 8570676c |
13 | #auth required pam_wheel.so use_uid |
| edd7c245 |
14 | ########################################################### |
| 15 | |
| c115e4a4 |
16 | # If using frr privileges and with a seperate group for vty access, then |
| edd7c245 |
17 | # access can be controlled via the vty access group, and pam can simply |
| 2f4453f4 |
18 | # check for valid user/password, eg: |
| edd7c245 |
19 | # |
| 20 | # only allow local users. |
| 8570676c |
21 | #auth required pam_securetty.so |
| 22 | #auth include system-auth |
| 23 | #auth required pam_nologin.so |
| 24 | #account include system-auth |
| 25 | #password include system-auth |
| 26 | #session include system-auth |
| 27 | #session optional pam_console.so |
projects / mirror_frr.git / blame