Mercurial Mercurial > upstream > oracle > userland-gate / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/samba/samba/Solaris/pam.conf-winbind
changeset 264 84a67a54e8fd
child 504 1e7038bb308c 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/samba/samba/Solaris/pam.conf-winbind	Wed May 25 18:33:43 2011 +0200
@@ -0,0 +1,221 @@
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved.
+#
+# PAM configuration
+#
+# Unless explicitly defined, all services use the modules
+# defined in the "other" section.
+#
+# Modules are defined with relative pathnames, i.e., they are
+# relative to /usr/lib/security/$ISA. Absolute path names, as
+# present in this file in previous releases are still acceptable.
+#
+# Authentication management
+#
+# login service (explicit because of pam_dial_auth)
+#
+login	auth requisite		pam_authtok_get.so.1
+login	auth required		pam_dhkeys.so.1
+login	auth required		pam_unix_cred.so.1
+login	auth required		pam_unix_auth.so.1
+login	auth required		pam_dial_auth.so.1
+#
+# rlogin service (explicit because of pam_rhost_auth)
+#
+rlogin	auth sufficient		pam_rhosts_auth.so.1
+rlogin	auth requisite		pam_authtok_get.so.1
+rlogin	auth required		pam_dhkeys.so.1
+rlogin	auth required		pam_unix_cred.so.1
+rlogin	auth required		pam_unix_auth.so.1
+#
+# Kerberized rlogin service
+#
+krlogin	auth required		pam_unix_cred.so.1
+krlogin	auth binding		pam_krb5.so.1
+krlogin	auth required		pam_unix_auth.so.1
+#
+# rsh service (explicit because of pam_rhost_auth,
+# and pam_unix_auth for meaningful pam_setcred)
+#
+rsh	auth sufficient		pam_rhosts_auth.so.1
+rsh	auth required		pam_unix_cred.so.1
+#
+# Kerberized rsh service
+#
+krsh	auth required		pam_unix_cred.so.1
+krsh	auth binding		pam_krb5.so.1
+krsh	auth required		pam_unix_auth.so.1
+#
+# Kerberized telnet service
+#
+ktelnet	auth required		pam_unix_cred.so.1
+ktelnet	auth binding		pam_krb5.so.1
+ktelnet	auth required		pam_unix_auth.so.1
+#
+# PPP service (explicit because of pam_dial_auth)
+#
+ppp	auth requisite		pam_authtok_get.so.1
+ppp	auth required		pam_dhkeys.so.1
+ppp	auth required		pam_unix_cred.so.1
+ppp	auth required		pam_unix_auth.so.1
+ppp	auth required		pam_dial_auth.so.1
+#
+# Default definitions for Authentication management
+# Used when service name is not explicitly mentioned for authentication
+#
+other	auth requisite		pam_authtok_get.so.1
+other	auth required		pam_dhkeys.so.1
+other	auth required		pam_unix_cred.so.1
+other	auth required		pam_unix_auth.so.1
+#
+# passwd command (explicit because of a different authentication module)
+#
+passwd	auth required		pam_passwd_auth.so.1
+#
+# cron service (explicit because of non-usage of pam_roles.so.1)
+#
+cron	account required	pam_unix_account.so.1
+#
+# Default definition for Account management
+# Used when service name is not explicitly mentioned for account management
+#
+other	account requisite	pam_roles.so.1
+other	account sufficient	pam_unix_account.so.1
+other	account required	pam_winbind.so
+#
+# Default definition for Session management
+# Used when service name is not explicitly mentioned for session management
+#
+other	session required	pam_unix_session.so.1
+#
+# Default definition for  Password management
+# Used when service name is not explicitly mentioned for password management
+#
+other	password required	pam_dhkeys.so.1
+other	password requisite	pam_authtok_get.so.1
+other	password requisite	pam_authtok_check.so.1
+other	password required	pam_winbind.so
+other	password required	pam_authtok_store.so.1
+#
+# Support for Kerberos V5 authentication and example configurations can
+# be found in the pam_krb5(5) man page under the "EXAMPLES" section.
+#
+#
+# PAM configuration
+#
+# Unless explicitly defined, all services use the modules
+# defined in the "other" section.
+#
+# Modules are defined with relative pathnames, i.e., they are
+# relative to /usr/lib/security/$ISA. Absolute path names, as
+# present in this file in previous releases are still acceptable.
+#
+# Authentication management
+#
+# login service (explicit because of pam_dial_auth)
+#
+login	auth requisite		pam_authtok_get.so.1
+login	auth required		pam_dhkeys.so.1
+login	auth required		pam_unix_cred.so.1
+login	auth required		pam_unix_auth.so.1
+login	auth required		pam_dial_auth.so.1
+#
+# rlogin service (explicit because of pam_rhost_auth)
+#
+rlogin	auth sufficient		pam_rhosts_auth.so.1
+rlogin	auth requisite		pam_authtok_get.so.1
+rlogin	auth required		pam_dhkeys.so.1
+rlogin	auth required		pam_unix_cred.so.1
+rlogin	auth required		pam_unix_auth.so.1
+#
+# Kerberized rlogin service
+#
+krlogin	auth required		pam_unix_cred.so.1
+krlogin	auth binding		pam_krb5.so.1
+krlogin	auth required		pam_unix_auth.so.1
+#
+# rsh service (explicit because of pam_rhost_auth,
+# and pam_unix_auth for meaningful pam_setcred)
+#
+rsh	auth sufficient		pam_rhosts_auth.so.1
+rsh	auth required		pam_unix_cred.so.1
+#
+# Kerberized rsh service
+#
+krsh	auth required		pam_unix_cred.so.1
+krsh	auth binding		pam_krb5.so.1
+krsh	auth required		pam_unix_auth.so.1
+#
+# Kerberized telnet service
+#
+ktelnet	auth required		pam_unix_cred.so.1
+ktelnet	auth binding		pam_krb5.so.1
+ktelnet	auth required		pam_unix_auth.so.1
+#
+# PPP service (explicit because of pam_dial_auth)
+#
+ppp	auth requisite		pam_authtok_get.so.1
+ppp	auth required		pam_dhkeys.so.1
+ppp	auth required		pam_unix_cred.so.1
+ppp	auth required		pam_unix_auth.so.1
+ppp	auth required		pam_dial_auth.so.1
+#
+# Default definitions for Authentication management
+# Used when service name is not explicitly mentioned for authentication
+#
+other	auth requisite		pam_authtok_get.so.1
+other	auth required		pam_dhkeys.so.1
+other	auth required		pam_unix_cred.so.1
+other	auth required		pam_unix_auth.so.1
+#
+# passwd command (explicit because of a different authentication module)
+#
+passwd	auth required		pam_passwd_auth.so.1
+#
+# cron service (explicit because of non-usage of pam_roles.so.1)
+#
+cron	account required	pam_unix_account.so.1
+#
+# Default definition for Account management
+# Used when service name is not explicitly mentioned for account management
+#
+other	account requisite	pam_roles.so.1
+other	account sufficient	pam_unix_account.so.1
+other	account required	pam_winbind.so
+#
+# Default definition for Session management
+# Used when service name is not explicitly mentioned for session management
+#
+other	session required	pam_unix_session.so.1
+#
+# Default definition for  Password management
+# Used when service name is not explicitly mentioned for password management
+#
+other	password required	pam_dhkeys.so.1
+other	password requisite	pam_authtok_get.so.1
+other	password requisite	pam_authtok_check.so.1
+other	password required	pam_winbind.so
+other	password required	pam_authtok_store.so.1
+#
+# Support for Kerberos V5 authentication and example configurations can
+# be found in the pam_krb5(5) man page under the "EXAMPLES" section.
+#
upstream/oracle/userland-gate