Cross Reference: /osnet-11/usr/src/lib/pam_modules/user_policy/conf/unix

2N/A#
2N/A# CDDL HEADER START
2N/A#
2N/A# The contents of this file are subject to the terms of the
2N/A# Common Development and Distribution License (the "License").
2N/A# You may not use this file except in compliance with the License.
2N/A#
2N/A# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
2N/A# or http://www.opensolaris.org/os/licensing.
2N/A# See the License for the specific language governing permissions
2N/A# and limitations under the License.
2N/A#
2N/A# When distributing Covered Code, include this CDDL HEADER in each
2N/A# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
2N/A# If applicable, add the following below this CDDL HEADER, with the
2N/A# fields enclosed by brackets "[]" replaced with your own identifying
2N/A# information: Portions Copyright [yyyy] [name of copyright owner]
2N/A#
2N/A# CDDL HEADER END
2N/A#
2N/A# Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
2N/A#
2N/A# PAM configuration for using UNIX authentication (UNIX passwords)
2N/A# and UNIX for account management and password management.
2N/A#
2N/A# Authentication management
2N/A#
2N/A# login service (explicit because of pam_dial_auth)
2N/A#
2N/Alogin   auth requisite      pam_authtok_get.so.1
2N/Alogin   auth required       pam_dhkeys.so.1
2N/Alogin   auth required       pam_unix_auth.so.1
2N/Alogin   auth required       pam_unix_cred.so.1
2N/Alogin   auth required       pam_dial_auth.so.1
2N/A#
2N/A# rlogin service (explicit because of pam_rhost_auth)
2N/A#
2N/Arlogin  auth sufficient     pam_rhosts_auth.so.1
2N/Arlogin  auth requisite      pam_authtok_get.so.1
2N/Arlogin  auth required       pam_dhkeys.so.1
2N/Arlogin  auth required       pam_unix_auth.so.1
2N/Arlogin  auth required       pam_unix_cred.so.1
2N/A#
2N/A# Kerberized rlogin service
2N/A#
2N/Akrlogin auth required       pam_unix_cred.so.1
2N/Akrlogin auth required       pam_krb5.so.1
2N/A#
2N/A# rsh service (explicit because of pam_rhost_auth)
2N/A#
2N/Arsh auth sufficient     pam_rhosts_auth.so.1
2N/Arsh auth required       pam_unix_cred.so.1
2N/A#
2N/A# Kerberized rsh service
2N/A#
2N/Akrsh    auth required       pam_unix_cred.so.1
2N/Akrsh    auth required       pam_krb5.so.1
2N/A#
2N/A# Kerberized telnet service
2N/A#
2N/Aktelnet auth required       pam_unix_cred.so.1
2N/Aktelnet auth required       pam_krb5.so.1
2N/A#
2N/A# PPP service (explicit because of pam_dial_auth)
2N/A#
2N/Appp auth requisite      pam_authtok_get.so.1
2N/Appp auth required       pam_dhkeys.so.1
2N/Appp auth required       pam_unix_auth.so.1
2N/Appp auth required       pam_unix_cred.so.1
2N/Appp auth required       pam_dial_auth.so.1
2N/A#
2N/A# GDM Autologin (explicit because of pam_allow).  These need to be
2N/A# here as there is no mechanism for packages to amend pam.conf as
2N/A# they are installed.
2N/A#
2N/Agdm-autologin auth  required    pam_unix_cred.so.1
2N/Agdm-autologin auth  sufficient  pam_allow.so.1
2N/A#
2N/A# Default definitions for Authentication management
2N/A# Used when service name is not explicitly mentioned for authentication
2N/A#
2N/Aother   auth requisite      pam_authtok_get.so.1
2N/Aother   auth required       pam_dhkeys.so.1
2N/Aother   auth required       pam_unix_auth.so.1
2N/Aother   auth required       pam_unix_cred.so.1
2N/A#
2N/A# cron service (explicit because of non-usage of pam_roles.so.1)
2N/A#
2N/Acron    account required    pam_unix_account.so.1
2N/A#
2N/A# cups service (explicit because of non-usage of pam_roles.so.1)
2N/A#
2N/Acups    account required    pam_unix_account.so.1
2N/A#
2N/A# GDM Autologin (explicit because of pam_allow) This needs to be here
2N/A# as there is no mechanism for packages to amend pam.conf as they are
2N/A# installed.
2N/A#
2N/Agdm-autologin account  sufficient  pam_allow.so.1
2N/A#
2N/A# Default definition for Account management
2N/A# Used when service name is not explicitly mentioned for account management
2N/A#
2N/Aother   account requisite   pam_roles.so.1
2N/Aother   account required    pam_unix_account.so.1
2N/Aother   account required    pam_tsol_account.so.1
2N/A#
2N/A# Password management (authentication)
2N/A#
2N/Apasswd  auth    required    pam_passwd_auth.so.1
2N/A#
2N/A# Password management (updates)
2N/A#
2N/Aother   password include    pam_authtok_common
2N/Aother   password required   pam_authtok_store.so.1
2N/A#
2N/A# Default definition for Session management
2N/A# Used when service name is not explicitly mentioned for session management
2N/A#
2N/Aother   session required    pam_unix_session.so.1
2N/A#
2N/A# Account management for Trusted Extensions (TX)
2N/A# These entries are required for TX environments since these services
2N/A# run in the Trusted Path and pam_tsol_account(5) isn't applicable to
2N/A# PAM sessions which run in the Trusted Path.
2N/A#
2N/Agdm     account     requisite   pam_roles.so.1
2N/Agdm     account     required    pam_unix_account.so.1
2N/Axscreensaver    account     requisite   pam_roles.so.1
2N/Axscreensaver    account     required    pam_unix_account.so.1
2N/Apasswd      account     requisite   pam_roles.so.1
2N/Apasswd      account     required    pam_unix_account.so.1
2N/Adtpasswd    account     requisite   pam_roles.so.1
2N/Adtpasswd    account     required    pam_unix_account.so.1
2N/Atsoljds-tstripe account     requisite   pam_roles.so.1
2N/Atsoljds-tstripe account     required    pam_unix_account.so.1