[Summary view] [Print] [Text view]

   1  #%PAM-1.0
   2  auth    requisite       pam_nologin.so
   3  auth    required    pam_succeed_if.so user != root quiet_success
   4  @include common-auth
   5  auth    optional        pam_gnome_keyring.so
   6  @include common-account
   7  # SELinux needs to be the first session rule. This ensures that any 
   8  # lingering context has been cleared. Without out this it is possible 
   9  # that a module could execute code in the wrong domain.
  10  session [success=ok ignore=ignore module_unknown=ignore default=bad]        pam_selinux.so close
  11  session required        pam_limits.so
  12  session required        pam_env.so readenv=1
  13  session required        pam_env.so readenv=1 envfile=/etc/default/locale
  14  session required        pam_loginuid.so
  15  @include common-session
  16  # SELinux needs to intervene at login time to ensure that the process
  17  # starts in the proper default security context. Only sessions which are
  18  # intended to run in the user's context should be run after this.
  19  session [success=ok ignore=ignore module_unknown=ignore default=bad]        pam_selinux.so open
  20  session optional        pam_gnome_keyring.so auto_start
  21  @include common-password