From fb3eba1d4623e63323c439682e2c7cc2dcb949e1 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 1 Mar 2020 20:03:45 +0100 Subject: login: radius: T2089: only query servers when uid matches ... Do not query RADIUS servers when commit is running started from a non RADIUS user (localuser, root). This should reduce the overall system boot time. --- src/pam-configs/radius | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'src/pam-configs') diff --git a/src/pam-configs/radius b/src/pam-configs/radius index 0d9fbbb03..0e2c71e38 100644 --- a/src/pam-configs/radius +++ b/src/pam-configs/radius @@ -3,12 +3,18 @@ Default: yes Priority: 257 Auth-Type: Primary Auth: + [default=ignore success=1] pam_succeed_if.so uid eq 1001 quiet + [default=ignore success=ignore] pam_succeed_if.so uid eq 1002 quiet [authinfo_unavail=ignore success=end default=ignore] pam_radius_auth.so Account-Type: Primary Account: + [default=ignore success=1] pam_succeed_if.so uid eq 1001 quiet + [default=ignore success=ignore] pam_succeed_if.so uid eq 1002 quiet [authinfo_unavail=ignore success=end perm_denied=bad default=ignore] pam_radius_auth.so Session-Type: Additional Session: + [default=ignore success=1] pam_succeed_if.so uid eq 1001 quiet + [default=ignore success=ignore] pam_succeed_if.so uid eq 1002 quiet [authinfo_unavail=ignore success=ok default=ignore] pam_radius_auth.so -- cgit v1.2.3