Post-freeze patch: remove Password: prompt after failed 2fa

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

Post-freeze I would like to merge the following patch, which will remove the
Password: promot on RHEL7 boxes after a failed pasword+token.




commit 17f4dce44a5f105cb2f7850085d42626e054c224
Author: Patrick Uiterwijk <puiterwijk@xxxxxxxxxx>
Date:   Wed Sep 16 17:57:02 2015 +0000

    Remove the Password: promopt when 2fa failed

diff --git a/files/2fa/sudo.pam b/files/2fa/sudo.pam
index aa59ebf..08f7630 100644
- --- a/files/2fa/sudo.pam
+++ b/files/2fa/sudo.pam
@@ -1,6 +1,6 @@
 #%PAM-1.0
 auth       required     pam_env.so
- -auth       sufficient   pam_url.so config=/etc/pam_url.conf
+auth       requisite    pam_url.so config=/etc/pam_url.conf
 auth       requisite    pam_succeed_if.so uid >= 500 quiet
 auth       required     pam_deny.so
 
diff --git a/roles/totpcgi/files/sudo.pam b/roles/totpcgi/files/sudo.pam
index aa59ebf..08f7630 100644
- --- a/roles/totpcgi/files/sudo.pam
+++ b/roles/totpcgi/files/sudo.pam
@@ -1,6 +1,6 @@
 #%PAM-1.0
 auth       required     pam_env.so
- -auth       sufficient   pam_url.so config=/etc/pam_url.conf
+auth       requisite    pam_url.so config=/etc/pam_url.conf
 auth       requisite    pam_succeed_if.so uid >= 500 quiet
 auth       required     pam_deny.so
 


- -- 
With kind regards,
Patrick Uiterwijk
Fedora Infra
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJV+a4HAAoJEIZXmA2atR5QNM8P/RtSRb7i8ThDKunZ07MoDOJq
kQ9uI9l7OUkQmJEywxaMg73GhJdtSj0wYQ2qU+ILm3DAWR4zAOrITdrobdjj/RKm
6B7Pnzu6Hjtlqx7mzF6ZpkWzNLhDxSV5iGGSSEsSr9QxDew1FGLBf9Cy7qfL8s6A
tyYQ5BueUWElPK+N4q9trknbv9PkCnw9mriiAnzQECvKCPcKzNmV1nAwriFu6GA3
slhAfAnO5VijCv1LdOfftFZmH1c1TdSAZRUta1NYEEyaxuZCLT4YVtyv1SibRI2Q
zrhbFjgfJzWPMxlREFIXsKiYniBFay2fwmMed+jhimi4XyhlwcFgHXUKQL5ImlEE
a+UMBW3yNDOPkLbmoKZboP0uH4KxzSh5Lm6UnQ/2X/aKnjylFg6PwsSBlDlbax6x
5WN0jjGumrPdc1a1jN8lyG8Efdu/dFc0t14lsOYJUly6MWllq7RpNYLXh6KTwhyX
hrjiGiDZt3Y4gsO585xN3gSRIY0xqEFG5+B8IfSG0QD1GjGr8TZSJ16IMw6F+46a
D4JY8XgrR5la/+uISjey+GU2k4MhjP9gyL18dw1oQYX1bWZq2NPerfKvlGuHZz8l
bI85GObr3pM3Lbv1iyOFWbabZ2xpk0Dsf2ViYLy9zgusumAyhkIy4UMbQVsbMC9d
f9VLcgTfdjxW14Sx02yw
=itcm
-----END PGP SIGNATURE-----
_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
http://lists.fedoraproject.org/postorius/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux