[arch-general] pam settings INSECURE
Attila
vodoo0904 at sonnenkinder.org
Wed Nov 18 15:25:33 EST 2009
At Mittwoch, 18. November 2009 14:07 Xavier wrote:
I hope this could be a help for someone who knows how to configurate pam.-)
> And I am curious to know what the pam settings of other distro are
> (debian,fedora,gentoo,..).
Opensuse with the KDE43 repo has no /etc/pam.d/kde file and they used for
configuration of the common files an own tool with the name pam-config.
Here be the content of login and the common files:
/etc/pam.d/login:
#%PAM-1.0
auth requisite pam_nologin.so
auth [user_unknown=ignore success=ok ignore=ignore auth_err=die default=bad]
pam_securetty.so
auth include common-auth
account include common-account
password include common-password
session required pam_loginuid.so
session include common-session
session required pam_lastlog.so nowtmp
session optional pam_mail.so standard
/etc/pam.d/common-auth:
auth required pam_env.so
auth required pm_unix2.so
/etc/pam.d/common-acount:
acount required pam_unix2.so
/etc/pam.d/common-password:
password requisite pam_pwcheck.so nullok cracklib
password required pam_unix2.so use_authok nullok
/etc/pam.d/common-session:
session required pam_limits.so
session required pam_unix2.so
session optional pam_umask.so
Perhaps it could be a good idea to compare what other distributions do and
optimize the files from archlinux.
See you, Attila
More information about the arch-general
mailing list