4. An example /etc/pam.conf file

Contents of this section

I think there should be a secure(ish) blank pam.conf file somewhere in the distribution. In case the sys-admin mangles theirs. If it is not too long it could be given here, otherwise we can just point to it.

Is this too simple?

#
# default; deny access
#

OTHER   auth     required       /usr/lib/security/pam_deny.so
OTHER   account  required       /usr/lib/security/pam_deny.so
OTHER   password required       /usr/lib/security/pam_deny.so
OTHER   session  required       /usr/lib/security/pam_deny.so


Next Chapter, Previous Chapter

Table of contents of this chapter, General table of contents

Top of the document, Beginning of this Chapter