%PDF- %PDF-
Direktori : /etc/alternatives/ |
Current File : //etc/alternatives/gdm-smartcard |
#%PAM-1.0 auth [success=ok user_unknown=ignore default=bad] pam_succeed_if.so user != root quiet_success auth [success=2 module_unknown=ignore default=die] pam_sss.so allow_missing_name require_cert_auth # If SSSD is not installed or configured, we still fallback to default auth auth optional pam_echo.so SSSD PAM module is not installed, Smart card authentication is not supported, falling back to default mechanism auth substack common-auth auth requisite pam_nologin.so auth optional pam_gnome_keyring.so @include common-account # SELinux needs to be the first session rule. This ensures that any # lingering context has been cleared. Without this it is possible # that a module could execute code in the wrong domain. session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close session required pam_loginuid.so # SELinux needs to intervene at login time to ensure that the process # starts in the proper default security context. Only sessions which are # intended to run in the user's context should be run after this. # pam_selinux.so changes the SELinux context of the used TTY and configures # SELinux in order to transition to the user context with the next execve() # call. session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open session optional pam_keyinit.so force revoke session required pam_limits.so session required pam_env.so readenv=1 session required pam_env.so readenv=1 user_readenv=1 envfile=/etc/default/locale @include common-session session optional pam_gnome_keyring.so auto_start