Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 9 Dec 2005 15:51:30 GMT
From:      Todd Miller <millert@FreeBSD.org>
To:        Perforce Change Reviews <perforce@freebsd.org>
Subject:   PERFORCE change 87949 for review
Message-ID:  <200512091551.jB9FpUMT005227@repoman.freebsd.org>

next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=87949

Change 87949 by millert@millert_ibook on 2005/12/09 15:50:48

	Add pam_sedarwin.  We need to be able to prompt the user
	for the role to choose from in keyboard-interactive mode
	but this has to happen *after* actual system authentication
	which makes things a bit messy.

Affected files ...

.. //depot/projects/trustedbsd/sedarwin7/src/darwin/pam/pam.d/sshd#4 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/pam/pam.d/sshd#4 (text+ko) ====

@@ -1,9 +1,11 @@
 # login: auth account password session
 auth       required       pam_nologin.so
-auth       sufficient     pam_securityserver.so
-auth       sufficient     pam_unix.so
+auth       success=1default=2  pam_securityserver.so
+auth       success=okdefault=1 pam_unix.so
+auth       default=done   pam_sedarwin.so
 auth       required       pam_deny.so
 account    required       pam_permit.so
 password   required       pam_deny.so
 session    required       pam_permit.so
 session    required       pam_lctx.so
+session    required       pam_sedarwin.so



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200512091551.jB9FpUMT005227>