Changeset 528


Ignore:
Timestamp:
Feb 14, 2010, 11:43:23 PM (15 years ago)
Author:
sebas
Message:

agrege la configuration de pam_ldap

Location:
trunk/puppet/modules/puppet-openldap/files/etc/pam.d
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • trunk/puppet/modules/puppet-openldap/files/etc/pam.d/common-account

    r527 r528  
    1515
    1616# here are the per-package modules (the "Primary" block)
    17 account [success=1 new_authtok_reqd=done default=ignore]        pam_unix.so
     17account [success=2 new_authtok_reqd=done default=ignore]        pam_unix.so
     18account [success=1 default=ignore]      pam_ldap.so
    1819# here's the fallback if no module succeeds
    1920account requisite                       pam_deny.so
  • trunk/puppet/modules/puppet-openldap/files/etc/pam.d/common-auth

    r527 r528  
    1515
    1616# here are the per-package modules (the "Primary" block)
    17 auth    [success=1 default=ignore]      pam_unix.so nullok_secure
     17auth    [success=2 default=ignore]      pam_unix.so nullok_secure
     18auth    [success=1 default=ignore]      pam_ldap.so use_first_pass
    1819# here's the fallback if no module succeeds
    1920auth    requisite                       pam_deny.so
  • trunk/puppet/modules/puppet-openldap/files/etc/pam.d/common-password

    r527 r528  
    2323
    2424# here are the per-package modules (the "Primary" block)
    25 password        [success=1 default=ignore]      pam_unix.so obscure sha512
     25password        requisite                       pam_cracklib.so retry=3 minlen=8 difok=3
     26password        [success=2 default=ignore]      pam_unix.so obscure use_authtok try_first_pass sha512
     27password        [success=1 user_unknown=ignore default=die]     pam_ldap.so use_authtok try_first_pass
    2628# here's the fallback if no module succeeds
    2729password        requisite                       pam_deny.so
  • trunk/puppet/modules/puppet-openldap/files/etc/pam.d/common-session

    r527 r528  
    2222session required                        pam_permit.so
    2323# and here are more per-package modules (the "Additional" block)
    24 session required        pam_unix.so
     24session required                        pam_unix.so
     25session optional                        pam_ldap.so
    2526session optional                        pam_ck_connector.so nox11
    2627# end of pam-auth-update config
     28
     29# if the home dir is not there, pam creates it with the umask provided + /etc/skel/
     30session required        pam_mkhomedir.so skel=/etc/skel/ umask=0077
Note: See TracChangeset for help on using the changeset viewer.