"success=n" control syntax in pam.conf / pam.d/* files ...

Posted by Jamie on Server Fault See other posts from Server Fault or by Jamie
Published on 2010-04-21T15:38:45Z Indexed on 2010/04/21 15:43 UTC
Read the original article Hit count: 305

Filed under:
|

After sucessfully configuring Kerberos, this is what I've found in /etc/pam.d/common-auth file:

auth    [success=2 default=ignore]      pam_unix.so nullok_secure
auth    [success=1 default=ignore]      pam_winbind.so krb5_auth krb5_ccache_type=FILE cached_login try_first_pass
auth    requisite                       pam_deny.so
auth    required                        pam_permit.so

Does the success=2 control value mean that if the pam_unix.so fails, the authentication skips to the auth requisite pam_deny.so line or to the last line?

© Server Fault or respective owner

Related posts about pam

Related posts about linux