1# 2# CDDL HEADER START 3# 4# The contents of this file are subject to the terms of the 5# Common Development and Distribution License (the "License"). 6# You may not use this file except in compliance with the License. 7# 8# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9# or http://www.opensolaris.org/os/licensing. 10# See the License for the specific language governing permissions 11# and limitations under the License. 12# 13# When distributing Covered Code, include this CDDL HEADER in each 14# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15# If applicable, add the following below this CDDL HEADER, with the 16# fields enclosed by brackets "[]" replaced with your own identifying 17# information: Portions Copyright [yyyy] [name of copyright owner] 18# 19# CDDL HEADER END 20# 21# 22#ident "%Z%%M% %I% %E% SMI" 23# 24# Copyright 2007 Sun Microsystems, Inc. All rights reserved. 25# Use is subject to license terms. 26# 27# PAM configuration 28# 29# Unless explicitly defined, all services use the modules 30# defined in the "other" section. 31# 32# Modules are defined with relative pathnames, i.e., they are 33# relative to /usr/lib/security/$ISA. Absolute path names, as 34# present in this file in previous releases are still acceptable. 35# 36# Authentication management 37# 38# login service (explicit because of pam_dial_auth) 39# 40login auth requisite pam_authtok_get.so.1 41login auth required pam_dhkeys.so.1 42login auth required pam_unix_cred.so.1 43login auth required pam_unix_auth.so.1 44login auth required pam_dial_auth.so.1 45# 46# rlogin service (explicit because of pam_rhost_auth) 47# 48rlogin auth sufficient pam_rhosts_auth.so.1 49rlogin auth requisite pam_authtok_get.so.1 50rlogin auth required pam_dhkeys.so.1 51rlogin auth required pam_unix_cred.so.1 52rlogin auth required pam_unix_auth.so.1 53# 54# Kerberized rlogin service 55# 56krlogin auth required pam_unix_cred.so.1 57krlogin auth required pam_krb5.so.1 58# 59# rsh service (explicit because of pam_rhost_auth, 60# and pam_unix_auth for meaningful pam_setcred) 61# 62rsh auth sufficient pam_rhosts_auth.so.1 63rsh auth required pam_unix_cred.so.1 64# 65# Kerberized rsh service 66# 67krsh auth required pam_unix_cred.so.1 68krsh auth required pam_krb5.so.1 69# 70# Kerberized telnet service 71# 72ktelnet auth required pam_unix_cred.so.1 73ktelnet auth required pam_krb5.so.1 74# 75# PPP service (explicit because of pam_dial_auth) 76# 77ppp auth requisite pam_authtok_get.so.1 78ppp auth required pam_dhkeys.so.1 79ppp auth required pam_unix_cred.so.1 80ppp auth required pam_unix_auth.so.1 81ppp auth required pam_dial_auth.so.1 82# 83# Default definitions for Authentication management 84# Used when service name is not explicitly mentioned for authentication 85# 86other auth requisite pam_authtok_get.so.1 87other auth required pam_dhkeys.so.1 88other auth required pam_unix_cred.so.1 89other auth required pam_unix_auth.so.1 90# 91# passwd command (explicit because of a different authentication module) 92# 93passwd auth required pam_passwd_auth.so.1 94# 95# cron service (explicit because of non-usage of pam_roles.so.1) 96# 97cron account required pam_unix_account.so.1 98# 99# Default definition for Account management 100# Used when service name is not explicitly mentioned for account management 101# 102other account requisite pam_roles.so.1 103other account required pam_unix_account.so.1 104# 105# Default definition for Session management 106# Used when service name is not explicitly mentioned for session management 107# 108other session required pam_unix_session.so.1 109# 110# Default definition for Password management 111# Used when service name is not explicitly mentioned for password management 112# 113other password required pam_dhkeys.so.1 114other password requisite pam_authtok_get.so.1 115other password requisite pam_authtok_check.so.1 116other password required pam_authtok_store.so.1 117# 118# Support for Kerberos V5 authentication and example configurations can 119# be found in the pam_krb5(5) man page under the "EXAMPLES" section. 120# 121