aboutsummaryrefslogtreecommitdiff
path: root/files/etc/pam.d
diff options
context:
space:
mode:
Diffstat (limited to 'files/etc/pam.d')
-rw-r--r--files/etc/pam.d/kde.freebsd2
-rw-r--r--files/etc/pam.d/login.freebsd3
-rw-r--r--files/etc/pam.d/other.freebsd8
-rw-r--r--files/etc/pam.d/sddm.freebsd3
-rw-r--r--files/etc/pam.d/sshd.freebsd4
-rw-r--r--files/etc/pam.d/su.freebsd10
-rw-r--r--files/etc/pam.d/sudo.freebsd3
-rw-r--r--files/etc/pam.d/system.freebsd8
8 files changed, 34 insertions, 7 deletions
diff --git a/files/etc/pam.d/kde.freebsd b/files/etc/pam.d/kde.freebsd
index 8f87b98..cb89294 100644
--- a/files/etc/pam.d/kde.freebsd
+++ b/files/etc/pam.d/kde.freebsd
@@ -1,5 +1,5 @@
auth required /usr/local/lib/security/pam_krb5.so try_first_pass
account required /usr/local/lib/security/pam_krb5.so
-account required pam_login_access.so
+account required pam_login_access.so nodefgroup
account required pam_unix.so
diff --git a/files/etc/pam.d/login.freebsd b/files/etc/pam.d/login.freebsd
index 164fcb0..ae50bbe 100644
--- a/files/etc/pam.d/login.freebsd
+++ b/files/etc/pam.d/login.freebsd
@@ -5,12 +5,13 @@ auth required pam_unix.so no_warn try_first_pass nullok
account requisite pam_securetty.so
account required pam_nologin.so
account required /usr/local/lib/security/pam_krb5.so
-account required pam_login_access.so
+account required pam_login_access.so nodefgroup
account required pam_unix.so
session required pam_lastlog.so no_fail
session required pam_xdg.so
session required /usr/local/lib/security/pam_krb5.so
+session optional /usr/local/lib/pam_mkhomedir.so mode=0700
password sufficient /usr/local/lib/security/pam_krb5.so try_first_pass
password required pam_unix.so no_warn try_first_pass
diff --git a/files/etc/pam.d/other.freebsd b/files/etc/pam.d/other.freebsd
new file mode 100644
index 0000000..38db8c5
--- /dev/null
+++ b/files/etc/pam.d/other.freebsd
@@ -0,0 +1,8 @@
+auth required pam_unix.so no_warn try_first_pass
+
+account required pam_nologin.so
+account required pam_unix.so
+
+session required pam_permit.so
+
+password required pam_permit.so
diff --git a/files/etc/pam.d/sddm.freebsd b/files/etc/pam.d/sddm.freebsd
index 6a75823..c222750 100644
--- a/files/etc/pam.d/sddm.freebsd
+++ b/files/etc/pam.d/sddm.freebsd
@@ -10,12 +10,13 @@ auth optional pam_kwallet5.so
account requisite pam_securetty.so
account required pam_nologin.so
account required /usr/local/lib/security/pam_krb5.so
-account required pam_login_access.so
+account required pam_login_access.so nodefgroup
account required pam_unix.so
session required pam_lastlog.so no_fail
session required pam_xdg.so no_fail
session required /usr/local/lib/security/pam_krb5.so
+session optional /usr/local/lib/pam_mkhomedir.so mode=0700
session optional pam_kwallet5.so auto_start
password required /usr/local/lib/security/pam_krb5.so try_first_pass
diff --git a/files/etc/pam.d/sshd.freebsd b/files/etc/pam.d/sshd.freebsd
index 559a980..1f81b48 100644
--- a/files/etc/pam.d/sshd.freebsd
+++ b/files/etc/pam.d/sshd.freebsd
@@ -3,11 +3,11 @@ auth required pam_unix.so no_warn try_first_pass
account required pam_nologin.so
account required /usr/local/lib/security/pam_krb5.so
-account required pam_login_access.so
+account required pam_login_access.so nodefgroup
account required pam_unix.so
session required /usr/local/lib/security/pam_krb5.so
-session required pam_permit.so
+session required /usr/local/lib/pam_mkhomedir.so mode=0700
password sufficient /usr/local/lib/security/pam_krb5.so try_first_pass
password required pam_unix.so no_warn try_first_pass
diff --git a/files/etc/pam.d/su.freebsd b/files/etc/pam.d/su.freebsd
new file mode 100644
index 0000000..0bd3ea0
--- /dev/null
+++ b/files/etc/pam.d/su.freebsd
@@ -0,0 +1,10 @@
+auth sufficient pam_rootok.so no_warn
+auth sufficient pam_self.so no_warn
+auth requisite pam_group.so no_warn group=wheel root_only fail_safe ruser
+auth sufficient /usr/local/lib/security/pam_krb5.so try_first_pass
+auth required pam_unix.so no_warn try_first_pass nullok
+
+account required /usr/local/lib/security/pam_krb5.so
+account required pam_unix.so
+
+session required pam_permit.so
diff --git a/files/etc/pam.d/sudo.freebsd b/files/etc/pam.d/sudo.freebsd
index 6a6b0a4..6c0a573 100644
--- a/files/etc/pam.d/sudo.freebsd
+++ b/files/etc/pam.d/sudo.freebsd
@@ -2,10 +2,9 @@ auth sufficient /usr/local/lib/security/pam_krb5.so try_first_pass
auth required pam_unix.so no_warn try_first_pass
account required /usr/local/lib/security/pam_krb5.so
-account required pam_login_access.so
account required pam_unix.so
-account required pam_permit.so
+session required pam_permit.so
password sufficient /usr/local/lib/security/pam_krb5.so try_first_pass
password required pam_unix.so no_warn try_first_pass
diff --git a/files/etc/pam.d/system.freebsd b/files/etc/pam.d/system.freebsd
new file mode 100644
index 0000000..b85310c
--- /dev/null
+++ b/files/etc/pam.d/system.freebsd
@@ -0,0 +1,8 @@
+auth required pam_unix.so no_warn try_first_pass nullok
+
+account required pam_unix.so
+
+session required pam_lastlog.so no_fail
+session required pam_xdg.so
+
+password required pam_unix.so no_warn try_first_pass
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-29 01:45:16 -0500