"success=n" control syntax in pam.conf / pam.d/* files ...
Posted
by Jamie
on Server Fault
See other posts from Server Fault
or by Jamie
Published on 2010-04-21T15:38:45Z
Indexed on
2010/04/21
15:43 UTC
Read the original article
Hit count: 305
After sucessfully configuring Kerberos, this is what I've found in /etc/pam.d/common-auth
file:
auth [success=2 default=ignore] pam_unix.so nullok_secure
auth [success=1 default=ignore] pam_winbind.so krb5_auth krb5_ccache_type=FILE cached_login try_first_pass
auth requisite pam_deny.so
auth required pam_permit.so
Does the success=2
control value mean that if the pam_unix.so
fails, the authentication skips to the auth requisite pam_deny.so
line or to the last line?
© Server Fault or respective owner