#if HAVE_ENV auth required pam_env.so DEBUG #endif #if HAVE_PAM_SSH auth sufficient pam_ssh.so #endif #if HAVE_KRB5 auth KRB5_CONTROL pam_krb5.so KRB5_PARAMS #endif auth required pam_unix.so try_first_pass LIKEAUTH NULLOK DEBUG /* This is needed to make sure that the Kerberos skip-on-success won't cause a bad jump. */ auth optional pam_permit.so #if HAVE_KRB5 account KRB5_CONTROL pam_krb5.so KRB5_PARAMS #endif account required pam_unix.so DEBUG /* This is needed to make sure that the Kerberos skip-on-success won't cause a bad jump. */ account optional pam_permit.so #if HAVE_PASSWDQC password required pam_passwdqc.so min=8,8,8,8,8 retry=3 #endif #if HAVE_KRB5 password KRB5_CONTROL pam_krb5.so KRB5_PARAMS #endif password required pam_unix.so try_first_pass UNIX_AUTHTOK NULLOK UNIX_EXTENDED_ENCRYPTION DEBUG /* This is needed to make sure that the Kerberos skip-on-success won't cause a bad jump. */ password optional pam_permit.so #if HAVE_PAM_SSH session optional pam_ssh.so #endif #if HAVE_SYSTEMD -session optional pam_systemd.so #endif #if HAVE_ELOGIND -session optional pam_elogind.so #endif #if HAVE_LIBCAP auth optional pam_cap.so #endif #include "system-session.inc"