Re: pam settings INSECURE

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



At Mittwoch, 18. November 2009 14:07 Xavier wrote:

I hope this could be a help for someone who knows how to configurate pam.-)

> And I am curious to know what the pam settings of other distro are
> (debian,fedora,gentoo,..).

Opensuse with the KDE43 repo has no /etc/pam.d/kde file and they used for 
configuration of the common files an own tool with the name pam-config.

Here be the content of login and the common files:

/etc/pam.d/login:
#%PAM-1.0
auth	 requisite	pam_nologin.so
auth	 [user_unknown=ignore success=ok ignore=ignore auth_err=die default=bad]	
pam_securetty.so
auth	 include	common-auth
account  include 	common-account
password include	common-password
session  required	pam_loginuid.so
session	 include	common-session
session  required       pam_lastlog.so nowtmp
session  optional       pam_mail.so standard

/etc/pam.d/common-auth:
auth	required	pam_env.so
auth	required	pm_unix2.so

/etc/pam.d/common-acount:
acount	required	pam_unix2.so

/etc/pam.d/common-password:
password	requisite	pam_pwcheck.so	nullok cracklib
password	required	pam_unix2.so	use_authok nullok

/etc/pam.d/common-session:
session	required	pam_limits.so
session	required	pam_unix2.so
session	optional	pam_umask.so

Perhaps it could be a good idea to compare what other distributions do and 
optimize the files from archlinux.

See you, Attila



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux