%PDF- %PDF-
Direktori : /etc/pam.d/ |
Current File : //etc/pam.d/gdm-smartcard-pkcs11-exclusive |
#%PAM-1.0 auth [success=ok user_unknown=ignore default=bad] pam_succeed_if.so user != root quiet_success auth [success=2 module_unknown=ignore default=die] pam_pkcs11.so card_only # If pkcs11 is not installed or configured, we still fallback to default auth auth optional pam_echo.so PAM pkcs11 is not installed, Smart card authentication is not supported, falling back to default mechanism auth substack common-auth auth required pam_succeed_if.so user != root quiet_success auth requisite pam_nologin.so auth optional pam_gnome_keyring.so @include common-account # SELinux needs to be the first session rule. This ensures that any # lingering context has been cleared. Without this it is possible # that a module could execute code in the wrong domain. session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close session required pam_loginuid.so # SELinux needs to intervene at login time to ensure that the process # starts in the proper default security context. Only sessions which are # intended to run in the user's context should be run after this. # pam_selinux.so changes the SELinux context of the used TTY and configures # SELinux in order to transition to the user context with the next execve() # call. session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open session optional pam_keyinit.so force revoke session required pam_limits.so session required pam_env.so readenv=1 session required pam_env.so readenv=1 user_readenv=1 envfile=/etc/default/locale @include common-session session optional pam_gnome_keyring.so auto_start