smartcard-auth-ac(5) - phpMan

Command: man perldoc info search(apropos)  


SYSTEM-AUTH-AC(5)                      File Formats Manual                      SYSTEM-AUTH-AC(5)



NAME
       system-auth-ac,  password-auth-ac,  smartcard-auth-ac, fingerprint-auth-ac, postlogin-ac -
       Common configuration files for PAMified services written by authconfig(8)


SYNOPSIS
       /etc/pam.d/system-auth-ac



DESCRIPTION
       The purpose of this configuration file is to provide common  configuration  file  for  all
       applications and service daemons calling PAM library.


       The  system-auth  configuration file is included from all individual service configuration
       files with the help of the include directive. When authconfig(8)  writes  the  system  PAM
       configuration  file  it  replaces  the default system-auth file with a symlink pointing to
       system-auth-ac and writes the configuration to this file. The symlink is  not  changed  on
       subsequent  configuration changes even if it points elsewhere. This allows system adminis-
       trators to override the configuration written by authconfig.

       The authconfig now writes the authentication modules also into additional  PAM  configura-
       tion  files /etc/pam.d/password-auth-ac, /etc/pam.d/smartcard-auth-ac, and /etc/pam.d/fin-
       gerprint-auth-ac.  These configuration files contain only modules which perform  authenti-
       cation  with the respective kinds of authentication tokens.  For example /etc/pam.d/smart-
       card-auth[-ac] will not contain pam_unix and  pam_ldap  modules  and  /etc/pam.d/password-
       auth[-ac] will not contain pam_pkcs11 and pam_fprintd modules.

       The  file  /etc/pam.d/postlogin-ac  contains common services to be invoked after login. An
       example can be a module that encrypts an  user's  filesystem  or  user's  keyring  and  is
       decrypted by his password.

       The  PAM  configuration files of services which are accessed by remote connections such as
       sshd or ftpd now  include  the  /etc/pam.d/password-auth  configuration  file  instead  of
       /etc/pam.d/system-auth.



EXAMPLE
       Configure  system  to use pam_tally2 for configuration of maximum number of failed logins.
       Also call pam_access to verify if access is allowed.

       Make system-auth symlink point to system-auth-local which contains:

       auth            requisite       pam_access.so
       auth            requisite       pam_tally2.so deny=3 lock_time=30 \
                                             unlock_time=3600
       auth            include         system-auth-ac
       account         required        pam_tally2.so
       account         include         system-auth-ac
       password        include         system-auth-ac
       session         include         system-auth-ac



BUGS
       None known.


SEE ALSO
       authconfig(8), authconfig-gtk(8), pam(8), system-auth(5)



Red Hat, Inc.                             2010 March 31                         SYSTEM-AUTH-AC(5)

Generated by $Id: phpMan.php,v 4.55 2007/09/05 04:42:51 chedong Exp $ Author: Che Dong
On Apache
Under GNU General Public License
2024-12-22 15:09 @18.117.156.84 CrawledBy Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Valid XHTML 1.0!Valid CSS!