Don't fall to pam_deny to avoid further modules to be executed.

If we want to chainload other auth methods we can do it in pambase now.
author: Diego 'Flameeyes' Pettenò <flameeyes@gmail.com> 2008-03-18 13:58:18 +0100
committer: Diego 'Flameeyes' Pettenò <flameeyes@gmail.com> 2008-03-18 13:58:18 +0100
commit: fb17b8e32ace58c620f9779d6d43c41d520282e4 (patch)
tree: 332beb3d0ce929013af21c9b53f1cf11f8054dc6 /system-auth.in
parent: Remove stray #end. (diff)
download: pambase-fb17b8e32ace58c620f9779d6d43c41d520282e4.tar.gz
pambase-fb17b8e32ace58c620f9779d6d43c41d520282e4.tar.bz2
pambase-fb17b8e32ace58c620f9779d6d43c41d520282e4.zip
1 files changed, 2 insertions, 4 deletions
diff --git a/system-auth.in b/system-auth.in
index c48fea4..6cc19d1 100644
--- a/system-auth.in
+++ b/system-auth.in
@@ -1,8 +1,7 @@
 #if HAVE_ENV
 auth		required	pam_env.so DEBUG
 #endif
-auth		sufficient	pam_unix.so try_first_pass LIKEAUTH nullok DEBUG
-auth		required	pam_deny.so
+auth		required	pam_unix.so try_first_pass LIKEAUTH nullok DEBUG
  
 account		required	pam_unix.so DEBUG
  
@@ -12,8 +11,7 @@ password	required	pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 try_first
 #if HAVE_PASSWDQC
 password	required	pam_passwdqc.so min=8,8,8,8,8 retry=3
 #endif
-password	sufficient	pam_unix.so try_first_pass AUTHTOK nullok UNIX_EXTENDED_ENCRYPTION DEBUG
-password	required	pam_deny.so
+password	required	pam_unix.so try_first_pass AUTHTOK nullok UNIX_EXTENDED_ENCRYPTION DEBUG
  
 #if HAVE_LIMITS
 session		required	pam_limits.so DEBUG
author	Diego 'Flameeyes' Pettenò <flameeyes@gmail.com>	2008-03-18 13:58:18 +0100
committer	Diego 'Flameeyes' Pettenò <flameeyes@gmail.com>	2008-03-18 13:58:18 +0100
commit	fb17b8e32ace58c620f9779d6d43c41d520282e4 (patch)
tree	332beb3d0ce929013af21c9b53f1cf11f8054dc6 /system-auth.in
parent	Remove stray #end. (diff)
download	pambase-fb17b8e32ace58c620f9779d6d43c41d520282e4.tar.gz pambase-fb17b8e32ace58c620f9779d6d43c41d520282e4.tar.bz2 pambase-fb17b8e32ace58c620f9779d6d43c41d520282e4.zip