summaryrefslogtreecommitdiff
path: root/src/conf_mode/https.py
diff options
context:
space:
mode:
authorzsdc <taras@vyos.io>2023-09-19 21:03:51 +0300
committerzsdc <taras@vyos.io>2023-11-20 18:46:37 +0200
commitc5dbc2049fd4fb2da6a0173611970978b11ec362 (patch)
treef097ec1a95bcafc8f53a3846ca61afbfebc6e0d0 /src/conf_mode/https.py
parent5d712700d6b8db43e36ad5f2a9f8792203bb12d0 (diff)
downloadvyos-1x-c5dbc2049fd4fb2da6a0173611970978b11ec362.tar.gz
vyos-1x-c5dbc2049fd4fb2da6a0173611970978b11ec362.zip
pam: T5577: Improved PAM configs for RADIUS and TACACS+
After sources analysis, we found the next possible return statuses for PAM modules: 1. pam_tacplus Auth: - PAM_AUTH_ERR - PAM_AUTHINFO_UNAVAIL - PAM_AUTHTOK_ERR - PAM_BUF_ERR - PAM_CRED_INSUFFICIENT - PAM_PERM_DENIED - PAM_SUCCESS - PAM_USER_UNKNOWN Account: - PAM_AUTH_ERR - PAM_AUTHINFO_UNAVAIL - PAM_PERM_DENIED - PAM_SUCCESS - PAM_USER_UNKNOWN Session: - PAM_AUTHINFO_UNAVAIL - PAM_SESSION_ERR - PAM_SUCCESS - PAM_USER_UNKNOWN 2. pam_radius_auth Auth: - PAM_ABORT - PAM_AUTH_ERR - PAM_AUTHINFO_UNAVAIL - PAM_AUTHTOK_ERR - PAM_BAD_ITEM - PAM_BUF_ERR - PAM_CONV_AGAIN - PAM_CONV_ERR - PAM_IGNORE - PAM_NO_MODULE_DATA - PAM_PERM_DENIED - PAM_SUCCESS - PAM_SYSTEM_ERR - PAM_USER_UNKNOWN Account: - PAM_SUCCESS Session: - PAM_ABORT - PAM_AUTHINFO_UNAVAIL - PAM_BAD_ITEM - PAM_BUF_ERR - PAM_CONV_AGAIN - PAM_CONV_ERR - PAM_IGNORE - PAM_NO_MODULE_DATA - PAM_PERM_DENIED - PAM_SUCCESS - PAM_SYSTEM_ERR - PAM_USER_UNKNOWN PAM configurations were replaced with tuned versions to take this into account.
Diffstat (limited to 'src/conf_mode/https.py')
0 files changed, 0 insertions, 0 deletions