[arch-general] pam settings INSECURE

Attila vodoo0904 at sonnenkinder.org
Wed Nov 18 15:25:33 EST 2009

At Mittwoch, 18. November 2009 14:07 Xavier wrote:

I hope this could be a help for someone who knows how to configurate pam.-)

> And I am curious to know what the pam settings of other distro are
> (debian,fedora,gentoo,..).

Opensuse with the KDE43 repo has no /etc/pam.d/kde file and they used for 
configuration of the common files an own tool with the name pam-config.

Here be the content of login and the common files:

auth	 requisite	pam_nologin.so
auth	 [user_unknown=ignore success=ok ignore=ignore auth_err=die default=bad]	
auth	 include	common-auth
account  include 	common-account
password include	common-password
session  required	pam_loginuid.so
session	 include	common-session
session  required       pam_lastlog.so nowtmp
session  optional       pam_mail.so standard

auth	required	pam_env.so
auth	required	pm_unix2.so

acount	required	pam_unix2.so

password	requisite	pam_pwcheck.so	nullok cracklib
password	required	pam_unix2.so	use_authok nullok

session	required	pam_limits.so
session	required	pam_unix2.so
session	optional	pam_umask.so

Perhaps it could be a good idea to compare what other distributions do and 
optimize the files from archlinux.

See you, Attila

More information about the arch-general mailing list