summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2023-06-21 22:08:16 +0200
committerChristian Breunig <christian@breunig.cc>2023-06-21 23:17:27 +0200
commitedc753ad22c03a7e96c6e2323cd551f50588d686 (patch)
treea075a811cd28f0862753792552c594dc9bbb2e11 /src
parent2e46106fceae3701b40ecc945882ee57400404d3 (diff)
downloadvyos-1x-edc753ad22c03a7e96c6e2323cd551f50588d686.tar.gz
vyos-1x-edc753ad22c03a7e96c6e2323cd551f50588d686.zip
tacacs: T141: create new UNIX group for aaa
Diffstat (limited to 'src')
-rw-r--r--src/pam-configs/radius11
1 files changed, 4 insertions, 7 deletions
diff --git a/src/pam-configs/radius b/src/pam-configs/radius
index aaae6aeb0..08247f77c 100644
--- a/src/pam-configs/radius
+++ b/src/pam-configs/radius
@@ -1,20 +1,17 @@
Name: RADIUS authentication
-Default: yes
+Default: no
Priority: 257
Auth-Type: Primary
Auth:
- [default=ignore success=1] pam_succeed_if.so uid eq 1000 quiet
- [default=ignore success=ignore] pam_succeed_if.so uid eq 1001 quiet
+ [default=ignore success=ignore] pam_succeed_if.so user ingroup aaa quiet
[authinfo_unavail=ignore success=end default=ignore] pam_radius_auth.so
Account-Type: Primary
Account:
- [default=ignore success=1] pam_succeed_if.so uid eq 1000 quiet
- [default=ignore success=ignore] pam_succeed_if.so uid eq 1001 quiet
+ [default=ignore success=ignore] pam_succeed_if.so user ingroup aaa quiet
[authinfo_unavail=ignore success=end perm_denied=bad default=ignore] pam_radius_auth.so
Session-Type: Additional
Session:
- [default=ignore success=1] pam_succeed_if.so uid eq 1000 quiet
- [default=ignore success=ignore] pam_succeed_if.so uid eq 1001 quiet
+ [default=ignore success=ignore] pam_succeed_if.so user ingroup aaa quiet
[authinfo_unavail=ignore success=ok default=ignore] pam_radius_auth.so