File manager

File manager - Edit - /home/c14075/dragmet-ural.ru/www/pam.d.tar

Back
common-session-noninteractive��0000644��00000002202�15103475127�0012467 0��ustar�00��# # /etc/pam.d/common-session-noninteractive - session-related modules # common to all non-interactive services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define tasks to be performed # at the start and end of all non-interactive sessions. # # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. # To take advantage of this, it is recommended that you configure any # local modules either before or after the default block, and use # pam-auth-update to manage selection of other modules. See # pam-auth-update(8) for details. # here are the per-package modules (the "Primary" block) session [default=1] pam_permit.so # here's the fallback if no module succeeds session requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around session required pam_permit.so # and here are more per-package modules (the "Additional" block) session required pam_unix.so # end of pam-auth-update config ��chsh��0000644��00000001105�15103475127�0005416 0��ustar�00��# # The PAM configuration file for the Shadow `chsh' service # # This will not allow a user to change their shell unless # their current one is listed in /etc/shells. This keeps # accounts with special shells from changing them. auth required pam_shells.so # This allows root to change user shell without being # prompted for a password auth sufficient pam_rootok.so # The standard Unix authentication modules, used with # NIS (man nsswitch) as well as normal /etc/passwd and # /etc/shadow entries. @include common-auth @include common-account @include common-session ��newusers��0000644��00000000134�15103475127�0006345 0��ustar�00��# The PAM configuration file for the Shadow 'newusers' service # @include common-password ��common-auth��0000644��00000002276�15103475127�0006732 0��ustar�00��# # /etc/pam.d/common-auth - authentication settings common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of the authentication modules that define # the central authentication scheme for use on the system # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the # traditional Unix authentication mechanisms. # # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. # To take advantage of this, it is recommended that you configure any # local modules either before or after the default block, and use # pam-auth-update to manage selection of other modules. See # pam-auth-update(8) for details. # here are the per-package modules (the "Primary" block) auth [success=1 default=ignore] pam_unix.so nullok # here's the fallback if no module succeeds auth requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around auth required pam_permit.so # and here are more per-package modules (the "Additional" block) # end of pam-auth-update config ��common-session��0000644��00000002172�15103475127�0007447 0��ustar�00��# # /etc/pam.d/common-session - session-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define tasks to be performed # at the start and end of interactive sessions. # # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. # To take advantage of this, it is recommended that you configure any # local modules either before or after the default block, and use # pam-auth-update to manage selection of other modules. See # pam-auth-update(8) for details. # here are the per-package modules (the "Primary" block) session [default=1] pam_permit.so # here's the fallback if no module succeeds session requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around session required pam_permit.so # and here are more per-package modules (the "Additional" block) session required pam_unix.so session optional pam_systemd.so # end of pam-auth-update config ��su��0000644��00000004323�15103475127�0005125 0��ustar�00��# # The PAM configuration file for the Shadow `su' service # # This allows root to su without passwords (normal operation) auth sufficient pam_rootok.so # Uncomment this to force users to be a member of group wheel # before they can use `su'. You can also add "group=foo" # to the end of this line if you want to use a group other # than the default "wheel" (but this may have side effect of # denying "root" user, unless she's a member of "foo" or explicitly # permitted earlier by e.g. "sufficient pam_rootok.so"). # (Replaces the `SU_WHEEL_ONLY' option from login.defs) # auth required pam_wheel.so # Uncomment this if you want wheel members to be able to # su without a password. # auth sufficient pam_wheel.so trust # Uncomment this if you want members of a specific group to not # be allowed to use su at all. # auth required pam_wheel.so deny group=nosu # Uncomment and edit /etc/security/time.conf if you need to set # time restrainst on su usage. # (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs # as well as /etc/porttime) # account requisite pam_time.so # This module parses environment configuration file(s) # and also allows you to use an extended config # file /etc/security/pam_env.conf. # # parsing /etc/environment needs "readenv=1" session required pam_env.so readenv=1 # locale variables are also kept into /etc/default/locale in etch # reading this file in addition to /etc/environment does not hurt session required pam_env.so readenv=1 envfile=/etc/default/locale # Defines the MAIL environment variable # However, userdel also needs MAIL_DIR and MAIL_FILE variables # in /etc/login.defs to make sure that removing a user # also removes the user's mail spool file. # See comments in /etc/login.defs # # "nopen" stands to avoid reporting new mail when su'ing to another user session optional pam_mail.so nopen # Sets up user limits according to /etc/security/limits.conf # (Replaces the use of /etc/limits in old login) session required pam_limits.so # The standard Unix authentication modules, used with # NIS (man nsswitch) as well as normal /etc/passwd and # /etc/shadow entries. @include common-auth @include common-account @include common-session ��sudo��0000644��00000000137�15103475127�0005447 0��ustar�00��#%PAM-1.0 @include common-auth @include common-account @include common-session-noninteractive ��common-account��0000644��00000002270�15103475127�0007417 0��ustar�00��# # /etc/pam.d/common-account - authorization settings common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of the authorization modules that define # the central access policy for use on the system. The default is to # only deny service to users whose accounts are expired in /etc/shadow. # # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. # To take advantage of this, it is recommended that you configure any # local modules either before or after the default block, and use # pam-auth-update to manage selection of other modules. See # pam-auth-update(8) for details. # # here are the per-package modules (the "Primary" block) account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so # here's the fallback if no module succeeds account requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around account required pam_permit.so # and here are more per-package modules (the "Additional" block) # end of pam-auth-update config ��su-l��0000644��00000000211�15103475127�0005346 0��ustar�00��#%PAM-1.0 auth include su account include su password include su session optional pam_keyinit.so force revoke session include su ��runuser-l��0000644��00000000212�15103475127�0006423 0��ustar�00��#%PAM-1.0 auth include runuser session optional pam_keyinit.so force revoke -session optional pam_systemd.so session include runuser ��login��0000644��00000010036�15103475127�0005604 0��ustar�00��# # The PAM configuration file for the Shadow `login' service # # Enforce a minimal delay in case of failure (in microseconds). # (Replaces the `FAIL_DELAY' setting from login.defs) # Note that other modules may require another minimal delay. (for example, # to disable any delay, you should add the nodelay option to pam_unix) auth optional pam_faildelay.so delay=3000000 # Outputs an issue file prior to each login prompt (Replaces the # ISSUE_FILE option from login.defs). Uncomment for use # auth required pam_issue.so issue=/etc/issue # Disallows other than root logins when /etc/nologin exists # (Replaces the `NOLOGINS_FILE' option from login.defs) auth requisite pam_nologin.so # SELinux needs to be the first session rule. This ensures that any # lingering context has been cleared. Without this it is possible # that a module could execute code in the wrong domain. # When the module is present, "required" would be sufficient (When SELinux # is disabled, this returns success.) session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close # Sets the loginuid process attribute session required pam_loginuid.so # Prints the message of the day upon successful login. # (Replaces the `MOTD_FILE' option in login.defs) # This includes a dynamically generated part from /run/motd.dynamic # and a static (admin-editable) part from /etc/motd. session optional pam_motd.so motd=/run/motd.dynamic session optional pam_motd.so noupdate # SELinux needs to intervene at login time to ensure that the process # starts in the proper default security context. Only sessions which are # intended to run in the user's context should be run after this. # pam_selinux.so changes the SELinux context of the used TTY and configures # SELinux in order to transition to the user context with the next execve() # call. session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open # When the module is present, "required" would be sufficient (When SELinux # is disabled, this returns success.) # This module parses environment configuration file(s) # and also allows you to use an extended config # file /etc/security/pam_env.conf. # # parsing /etc/environment needs "readenv=1" session required pam_env.so readenv=1 # locale variables are also kept into /etc/default/locale in etch # reading this file in addition to /etc/environment does not hurt session required pam_env.so readenv=1 envfile=/etc/default/locale # Standard Unx authentication. @include common-auth # This allows certain extra groups to be granted to a user # based on things like time of day, tty, service, and user. # Please edit /etc/security/group.conf to fit your needs # (Replaces the `CONSOLE_GROUPS' option in login.defs) auth optional pam_group.so # Uncomment and edit /etc/security/time.conf if you need to set # time restraint on logins. # (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs # as well as /etc/porttime) # account requisite pam_time.so # Uncomment and edit /etc/security/access.conf if you need to # set access limits. # (Replaces /etc/login.access file) # account required pam_access.so # Sets up user limits according to /etc/security/limits.conf # (Replaces the use of /etc/limits in old login) session required pam_limits.so # Prints the last login info upon successful login # (Replaces the `LASTLOG_ENAB' option from login.defs) session optional pam_lastlog.so # Prints the status of the user's mailbox upon successful login # (Replaces the `MAIL_CHECK_ENAB' option from login.defs). # # This also defines the MAIL environment variable # However, userdel also needs MAIL_DIR and MAIL_FILE variables # in /etc/login.defs to make sure that removing a user # also removes the user's mail spool file. # See comments in /etc/login.defs session optional pam_mail.so standard # Create a new session keyring. session optional pam_keyinit.so force revoke # Standard Unx account and session @include common-account @include common-session @include common-password ��sshd��0000644��00000004125�15103475127�0005437 0��ustar�00��# PAM configuration for the Secure Shell service # Standard Unx authentication. @include common-auth # Disallow non-root logins when /etc/nologin exists. account required pam_nologin.so # Uncomment and edit /etc/security/access.conf if you need to set complex # access limits that are hard to express in sshd_config. # account required pam_access.so # Standard Unx authorization. @include common-account # SELinux needs to be the first session rule. This ensures that any # lingering context has been cleared. Without this it is possible that a # module could execute code in the wrong domain. session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close # Set the loginuid process attribute. session required pam_loginuid.so # Create a new session keyring. session optional pam_keyinit.so force revoke # Standard Unx session setup and teardown. @include common-session # Print the message of the day upon successful login. # This includes a dynamically generated part from /run/motd.dynamic # and a static (admin-editable) part from /etc/motd. session optional pam_motd.so motd=/run/motd.dynamic session optional pam_motd.so noupdate # Print the status of the user's mailbox upon successful login. session optional pam_mail.so standard noenv # [1] # Set up user limits from /etc/security/limits.conf. session required pam_limits.so # Read environment variables from /etc/environment and # /etc/security/pam_env.conf. session required pam_env.so # [1] # In Debian 4.0 (etch), locale-related environment variables were moved to # /etc/default/locale, so read that as well. session required pam_env.so user_readenv=1 envfile=/etc/default/locale # SELinux needs to intervene at login time to ensure that the process starts # in the proper default security context. Only sessions which are intended # to run in the user's context should be run after this. session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open # Standard Unx password updating. @include common-password ��other��0000644��00000001010�15103475127�0005605 0��ustar�00��# # /etc/pam.d/other - specify the PAM fallback behaviour # # Note that this file is used for any unspecified service; for example #if /etc/pam.d/cron specifies no session modules but cron calls #pam_open_session, the session module out of /etc/pam.d/other is #used. If you really want nothing to happen then use pam_permit.so or #pam_deny.so as appropriate. # We fall back to the system default in /etc/pam.d/common-* # @include common-auth @include common-account @include common-password @include common-session ��atd��0000644��00000000372�15103475127�0005246 0��ustar�00��# # The PAM configuration file for the at daemon # @include common-auth @include common-account session required pam_loginuid.so @include common-session-noninteractive session required pam_limits.so auth required pam_env.so user_readenv=1 ��cron��0000644��00000001136�15103475127�0005436 0��ustar�00��# The PAM configuration file for the cron daemon @include common-auth # Sets the loginuid process attribute session required pam_loginuid.so # Read environment variables from pam_env's default files, /etc/environment # and /etc/security/pam_env.conf. session required pam_env.so # In addition, read system locale information session required pam_env.so envfile=/etc/default/locale @include common-account @include common-session-noninteractive # Sets up user limits, please define limits for cron tasks # through /etc/security/limits.conf session required pam_limits.so ��passwd��0000644��00000000134�15103475127�0005773 0��ustar�00��# # The PAM configuration file for the Shadow `passwd' service # @include common-password ��runuser��0000644��00000000217�15103475127�0006177 0��ustar�00��#%PAM-1.0 auth sufficient pam_rootok.so session optional pam_keyinit.so revoke session required pam_limits.so session required pam_unix.so ��common-password��0000644��00000003124�15103475127�0007624 0��ustar�00��# # /etc/pam.d/common-password - password-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define the services to be # used to change user passwords. The default is pam_unix. # Explanation of pam_unix options: # The "yescrypt" option enables #hashed passwords using the yescrypt algorithm, introduced in Debian #11. Without this option, the default is Unix crypt. Prior releases #used the option "sha512"; if a shadow password hash will be shared #between Debian 11 and older releases replace "yescrypt" with "sha512" #for compatibility . The "obscure" option replaces the old #`OBSCURE_CHECKS_ENAB' option in login.defs. See the pam_unix manpage #for other options. # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. # To take advantage of this, it is recommended that you configure any # local modules either before or after the default block, and use # pam-auth-update to manage selection of other modules. See # pam-auth-update(8) for details. # here are the per-package modules (the "Primary" block) password [success=1 default=ignore] pam_unix.so obscure yescrypt # here's the fallback if no module succeeds password requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around password required pam_permit.so # and here are more per-package modules (the "Additional" block) # end of pam-auth-update config ��chpasswd��0000644��00000000134�15103475127�0006306 0��ustar�00��# The PAM configuration file for the Shadow 'chpasswd' service # @include common-password ��chfn��0000644��00000000600�15103475127�0005406 0��ustar�00��# # The PAM configuration file for the Shadow `chfn' service # # This allows root to change user infomation without being # prompted for a password auth sufficient pam_rootok.so # The standard Unix authentication modules, used with # NIS (man nsswitch) as well as normal /etc/passwd and # /etc/shadow entries. @include common-auth @include common-account @include common-session ��systemd-user��0000644��00000000554�15135122603�0007135 0��ustar�00��# This file is part of systemd. # # Used by systemd --user instances. @include common-account session required pam_selinux.so close session required pam_selinux.so nottys open session required pam_loginuid.so session required pam_limits.so @include common-session-noninteractive session optional pam_keyinit.so force revoke session optional pam_systemd.so ��

| ver. 1.4 | Github | . | PHP 7.4.33 | Generation time: 0.27 | proxy | phpinfo | Settings