/etc/pam.conf
fileI think there should be a secure(ish) blank pam.conf file somewhere in the distribution. In case the sys-admin mangles theirs. If it is not too long it could be given here, otherwise we can just point to it.
Is this too simple?
#
# default; deny access
#
OTHER auth required /usr/lib/security/pam_deny.so
OTHER account required /usr/lib/security/pam_deny.so
OTHER password required /usr/lib/security/pam_deny.so
OTHER session required /usr/lib/security/pam_deny.so
Next Chapter, Previous Chapter
Table of contents of this chapter, General table of contents
Top of the document, Beginning of this Chapter