summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/pam-configs/radius-mandatory8
-rw-r--r--src/pam-configs/radius-optional4
-rw-r--r--src/pam-configs/tacplus-mandatory8
-rw-r--r--src/pam-configs/tacplus-optional8
4 files changed, 12 insertions, 16 deletions
diff --git a/src/pam-configs/radius-mandatory b/src/pam-configs/radius-mandatory
index 43b6bd3e0..3368fe7ff 100644
--- a/src/pam-configs/radius-mandatory
+++ b/src/pam-configs/radius-mandatory
@@ -4,16 +4,16 @@ Priority: 576
Auth-Type: Primary
Auth-Initial:
- [default=ignore success=end perm_denied=bad auth_err=bad] pam_radius_auth.so
+ [default=ignore success=end auth_err=die perm_denied=die user_unknown=die] pam_radius_auth.so
Auth:
- [default=ignore success=end perm_denied=bad auth_err=bad] pam_radius_auth.so use_first_pass
+ [default=ignore success=end auth_err=die perm_denied=die user_unknown=die] pam_radius_auth.so use_first_pass
Account-Type: Primary
Account:
[default=ignore success=1] pam_succeed_if.so user notingroup radius quiet
- [default=ignore new_authtok_reqd=done success=end perm_denied=bad auth_err=bad] pam_radius_auth.so
+ [default=ignore success=end] pam_radius_auth.so
Session-Type: Additional
Session:
[default=ignore success=1] pam_succeed_if.so user notingroup radius quiet
- [default=ignore success=ok perm_denied=bad auth_err=bad] pam_radius_auth.so
+ [default=bad success=ok] pam_radius_auth.so
diff --git a/src/pam-configs/radius-optional b/src/pam-configs/radius-optional
index 9f6d5f0ea..73085061d 100644
--- a/src/pam-configs/radius-optional
+++ b/src/pam-configs/radius-optional
@@ -11,9 +11,9 @@ Auth:
Account-Type: Primary
Account:
[default=ignore success=1] pam_succeed_if.so user notingroup radius quiet
- [default=ignore new_authtok_reqd=done success=end perm_denied=bad auth_err=bad] pam_radius_auth.so
+ [default=ignore success=end] pam_radius_auth.so
Session-Type: Additional
Session:
[default=ignore success=1] pam_succeed_if.so user notingroup radius quiet
- [default=ignore success=ok perm_denied=bad auth_err=bad] pam_radius_auth.so
+ [default=ignore success=ok perm_denied=bad user_unknown=bad] pam_radius_auth.so
diff --git a/src/pam-configs/tacplus-mandatory b/src/pam-configs/tacplus-mandatory
index 92da02327..ffccece19 100644
--- a/src/pam-configs/tacplus-mandatory
+++ b/src/pam-configs/tacplus-mandatory
@@ -3,17 +3,15 @@ Default: no
Priority: 576
Auth-Type: Primary
-Auth-Initial:
- [default=ignore success=end perm_denied=bad auth_err=bad] pam_tacplus.so include=/etc/tacplus_servers login=login
Auth:
- [default=ignore success=end perm_denied=bad auth_err=bad] pam_tacplus.so include=/etc/tacplus_servers login=login use_first_pass
+ [default=ignore success=end auth_err=die perm_denied=die user_unknown=die] pam_tacplus.so include=/etc/tacplus_servers login=login
Account-Type: Primary
Account:
[default=ignore success=1] pam_succeed_if.so user notingroup tacacs quiet
- [default=ignore new_authtok_reqd=done success=end perm_denied=bad auth_err=bad] pam_tacplus.so include=/etc/tacplus_servers login=login
+ [default=bad success=end] pam_tacplus.so include=/etc/tacplus_servers login=login
Session-Type: Additional
Session:
[default=ignore success=1] pam_succeed_if.so user notingroup tacacs quiet
- [default=ignore success=ok perm_denied=bad auth_err=bad] pam_tacplus.so include=/etc/tacplus_servers login=login
+ [default=bad success=ok] pam_tacplus.so include=/etc/tacplus_servers login=login
diff --git a/src/pam-configs/tacplus-optional b/src/pam-configs/tacplus-optional
index deed537d3..095c3a164 100644
--- a/src/pam-configs/tacplus-optional
+++ b/src/pam-configs/tacplus-optional
@@ -3,17 +3,15 @@ Default: no
Priority: 576
Auth-Type: Primary
-Auth-Initial:
- [default=ignore success=end] pam_tacplus.so include=/etc/tacplus_servers login=login
Auth:
- [default=ignore success=end] pam_tacplus.so include=/etc/tacplus_servers login=login use_first_pass
+ [default=ignore success=end] pam_tacplus.so include=/etc/tacplus_servers login=login
Account-Type: Primary
Account:
[default=ignore success=1] pam_succeed_if.so user notingroup tacacs quiet
- [default=ignore new_authtok_reqd=done success=end perm_denied=bad auth_err=bad] pam_tacplus.so include=/etc/tacplus_servers login=login
+ [default=ignore success=end auth_err=bad perm_denied=bad user_unknown=bad] pam_tacplus.so include=/etc/tacplus_servers login=login
Session-Type: Additional
Session:
[default=ignore success=1] pam_succeed_if.so user notingroup tacacs quiet
- [default=ignore success=ok perm_denied=bad auth_err=bad] pam_tacplus.so include=/etc/tacplus_servers login=login
+ [default=ignore success=ok session_err=bad user_unknown=bad] pam_tacplus.so include=/etc/tacplus_servers login=login
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-07 19:52:21 +0000