diff options
author | Dave Olson <olson@cumulusnetworks.com> | 2017-06-16 15:49:56 -0700 |
---|---|---|
committer | Dave Olson <olson@cumulusnetworks.com> | 2017-06-16 16:18:07 -0700 |
commit | 3a47df99b207d85469d0a3126aacf491ba61c1d4 (patch) | |
tree | b32ecb55edf4e2712bb3f0877a875b4477acbb4b /debian/pam_example | |
parent | a11bbaeb6b0635dd852fb511a28f67da80327fef (diff) | |
download | libpam-radius-auth-3a47df99b207d85469d0a3126aacf491ba61c1d4.tar.gz libpam-radius-auth-3a47df99b207d85469d0a3126aacf491ba61c1d4.zip |
Added debian directory from jessie 1.3.16, with changelog updates
Cleaned up to use simpler rules file as part of that import.
Also newer compat level, etc.
Diffstat (limited to 'debian/pam_example')
-rw-r--r-- | debian/pam_example | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/debian/pam_example b/debian/pam_example new file mode 100644 index 0000000..1ab27e8 --- /dev/null +++ b/debian/pam_example @@ -0,0 +1,64 @@ +This is a simple and safe example on how to enable radius +authentication to the console login on a Debian system and +you are too lazy to read the USAGE documentation. + +Edit /etc/pam.d/login + +The default looks like: + +[SNIP] + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# This module parses /etc/environment (the standard for setting +# environ vars) and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# (Replaces the `ENVIRON_FILE' setting from login.defs) +auth required pam_env.so + +# Standard Un*x authentication. The "nullok" line allows passwordless +# accounts. +@include common-auth + +[SNIP] + + +Insert the following line: + +auth sufficient pam_radius_auth.so + +AFTER + +auth required pam_env.so + +and BEFORE + +# Standard Un*x authentication. The "nullok" line allows passwordless +# accounts. +@include common-auth + +so that it will looks like: + +[SNIP] + +# This module parses /etc/environment (the standard for setting +# environ vars) and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# (Replaces the `ENVIRON_FILE' setting from login.defs) +auth required pam_env.so + +##### RADIUS ##### +auth sufficient pam_radius_auth.so + +# Standard Un*x authentication. The "nullok" line allows passwordless +# accounts. +@include common-auth + +[SNIP] + +Try now to login in one of the consoles using the radius password. +If it fails the system will prompt again for a password. This time +provide the local one. + |