matthieu/frr
1
0
Fork 0
forked from Mirror/frr
Code Pull requests Activity

Merge pull request #15163 from opensourcerouting/fix/pam_account

Browse source 
packaging: Require account validation with pam_unix.so if PAM enabled
This commit is contained in:
Jafar Al-Gharaibeh 2024-01-30 10:24:57 -06:00 committed by GitHub
parent d633a81dbf e68c4f0539
commit 471e4b7bbe
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
debian/frr.pam vendored
View file

@ -1,4 +1,4 @@
# Any user may call vtysh but only those belonging to the group frrvty can
# actually connect to the socket and use the program.
auth sufficient pam_permit.so
account sufficient pam_rootok.so
account sufficient pam_permit.so

4
redhat/frr.pam
View file

@ -4,8 +4,8 @@
##### if running frr as root:
# Only allow root (and possibly wheel) to use this because enable access
# is unrestricted.
auth sufficient pam_rootok.so
account sufficient pam_rootok.so
auth sufficient pam_permit.so
account sufficient pam_permit.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient pam_wheel.so trust use_uid