diff options
author | zsdc <taras@vyos.io> | 2023-09-19 21:03:51 +0300 |
---|---|---|
committer | zsdc <taras@vyos.io> | 2023-11-20 18:46:37 +0200 |
commit | c5dbc2049fd4fb2da6a0173611970978b11ec362 (patch) | |
tree | f097ec1a95bcafc8f53a3846ca61afbfebc6e0d0 /data | |
parent | 5d712700d6b8db43e36ad5f2a9f8792203bb12d0 (diff) | |
download | vyos-1x-c5dbc2049fd4fb2da6a0173611970978b11ec362.tar.gz vyos-1x-c5dbc2049fd4fb2da6a0173611970978b11ec362.zip |
pam: T5577: Improved PAM configs for RADIUS and TACACS+
After sources analysis, we found the next possible return statuses for PAM
modules:
1. pam_tacplus
Auth:
- PAM_AUTH_ERR
- PAM_AUTHINFO_UNAVAIL
- PAM_AUTHTOK_ERR
- PAM_BUF_ERR
- PAM_CRED_INSUFFICIENT
- PAM_PERM_DENIED
- PAM_SUCCESS
- PAM_USER_UNKNOWN
Account:
- PAM_AUTH_ERR
- PAM_AUTHINFO_UNAVAIL
- PAM_PERM_DENIED
- PAM_SUCCESS
- PAM_USER_UNKNOWN
Session:
- PAM_AUTHINFO_UNAVAIL
- PAM_SESSION_ERR
- PAM_SUCCESS
- PAM_USER_UNKNOWN
2. pam_radius_auth
Auth:
- PAM_ABORT
- PAM_AUTH_ERR
- PAM_AUTHINFO_UNAVAIL
- PAM_AUTHTOK_ERR
- PAM_BAD_ITEM
- PAM_BUF_ERR
- PAM_CONV_AGAIN
- PAM_CONV_ERR
- PAM_IGNORE
- PAM_NO_MODULE_DATA
- PAM_PERM_DENIED
- PAM_SUCCESS
- PAM_SYSTEM_ERR
- PAM_USER_UNKNOWN
Account:
- PAM_SUCCESS
Session:
- PAM_ABORT
- PAM_AUTHINFO_UNAVAIL
- PAM_BAD_ITEM
- PAM_BUF_ERR
- PAM_CONV_AGAIN
- PAM_CONV_ERR
- PAM_IGNORE
- PAM_NO_MODULE_DATA
- PAM_PERM_DENIED
- PAM_SUCCESS
- PAM_SYSTEM_ERR
- PAM_USER_UNKNOWN
PAM configurations were replaced with tuned versions to take this into account.
Diffstat (limited to 'data')
0 files changed, 0 insertions, 0 deletions