Skip to content
Snippets Groups Projects
Unverified Commit 70e535f4 authored by Anna Wilcox's avatar Anna Wilcox :fox:
Browse files

user/linux-pam: harden configuration

Refuse to allow logins for accounts with no password.
parent 9e76c2f0
No related branches found
No related tags found
No related merge requests found
......@@ -2,7 +2,7 @@
# Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=linux-pam
pkgver=1.3.1
pkgrel=1
pkgrel=2
pkgdesc="Pluggable Authentication Modules"
url="https://www.kernel.org/pub/linux/libs/pam"
arch="all"
......@@ -87,10 +87,10 @@ sha512sums="6bc8e2a5b64686f0a23846221c5228c88418ba485b17c53b3a12f91262b5bb73566d
f49edf3876cc6bcb87bbea4e7beaeb0a382d596898c755f5fbaf6c2ed4e0c8f082b2cd16dde8a74af82bb09a1334f463e07a4bb5b8a48f023ff90a67ad2fdd44 libpam-fix-build-with-eglibc-2.16.patch
82fb1ec27b370ed5d30451f31aecbacf94ff8aff9db52e79090466dcdd1b1b2c18ca7e0641b1b51a3ed78ea7203fe9464b50f63d6dbf661e10f68366c79196ae musl-fix-pam_exec.patch
8352c0bd36f776251143d1e73d92a1e746e8f23778462e441cc989afd4204887aca6b310d87ab8e5b315b13c4ad1225c87531b71a0fef693772fc7e12bcde418 use-utmpx.patch
0672ab21adb969af2a0082e2559f1196d8a4f8b1cff2836f97e5f24edb03b6aed156c61cf335a4df978e423dcd9934ffee8cb5784ed5dde704d7e5ddec4ba9f6 base-auth.pamd
85462201a4044c7e170e617d39b0eceb4790abc6c0504999117548030a16d80a9d2078d1ad97690d7d346e6374201f0c52e792ccb08ce2b1c4bbf0cc2be96f5b base-account.pamd
8223b815148c3b9b874d2c283840f6428c266e56c7cf49ce8fc508c4945ae31c837bef96dab17f64a60812d1c9cd0055cf0a50d7951d23070b69bd2e5bb9666d base-password.pamd
b0138f662715974bd865d755c5e7d403faf5b9ad1b7e2b1d1598ad7eb5764a9ff407f1a5e6ce7f16db9fc10f8d643323b494563416fd6a654032529b52213c5b base-session.pamd
444e20046843057b17c0aac14d2b71a68923b989b3d8b478bbf684698673683186e928e5ca2e6cb9a1c76abc4248044a0e10ef6b06b3f51857106796ecce250d base-session-noninteractive.pamd
d103ba06b2c4929171e09c845f9866539220cd20d8d56a03d25850342ef5eabe281e958dfe1eaefd550c00f9440e8700c1d74c88c3001f933134ca6fd7cb9b7b other.pamd
b512d691f2a6b11fc329bf91dd05ca9c589bbd444308b27d3c87c75262dedf6afc68a9739229249a4bd3d0c43cb1f871eecbb93c4fe559e0f38bdabbffd06ad7 su.pamd"
2df1d45af0f32ed3755fde2771129f73f28761e0c5d8b08ca880a0206c6eaa3a32cc1bcf27045b960f33d062cff901220acd535e319ae3c4368614dada08cd2a base-auth.pamd
62144e8f785ce324771465017a27b9a538856ba120d80d1181f5b1012d56170b712c4cd9d018ee51af387a2cdf0442c14f7d07d556abcb2e2bea54bca2c4c262 base-account.pamd
b8e6f5cf4ada79470be9f24cd414dd1bb7918ad2c973d2e19134e27016596142d32b593fff0b9f15b58dc2e9af52763070fe11667815e649c09aef5580f5bc95 base-password.pamd
59b746dbd220ccf7217f5dc01c8c2554bb18a37b48f966b63dcb189e07a19ab0b0187511fed232f26f326d734ee32fa7fd47e0194d6ebd4bed5766247165d553 base-session.pamd
2d42a0a8781a71405ca4512bb32c409ac73cbed0fc4d0bf9483f7825feae0976fd04ef2002f0a8fe4b9ff69a6b98dae060685b4da47769b09b6020a1e5ff0ef0 base-session-noninteractive.pamd
862df6a009dea562e46242552fdbcfa8bc0ebc8abbaa9cf91eae106f9e41557209dfa98cc49968fed05ca9427cb5748ff158433e3502cf80729b050e85cbd60c other.pamd
1676ee7a95041a3a9c3e3ae03bd714d72b9a47759c1b6c28511071c949df828e5f22814f3751ae4e01bb6dab4444369eeadd3d6e57a0ac8996901e6f0be97296 su.pamd"
# basic PAM configuration for Alpine.
# Welcome to Adélie Linux.
# This file contains the system-wide PAM configuration for account management.
account required pam_unix.so
# basic PAM configuration for Alpine.
# Welcome to Adélie Linux.
# This file contains the system-wide PAM configuration for authentication.
auth required pam_env.so
auth required pam_unix.so nullok_secure
auth required pam_unix.so
auth required pam_nologin.so successok
# basic PAM configuration for Alpine.
# Welcome to Adélie Linux.
password required pam_unix.so nullok obscure md5 sha512
# This file contains the system-wide PAM configuration for passwords.
password required pam_unix.so obscure sha512 minlen=8
# basic PAM configuration for Alpine.
# Welcome to Adélie Linux.
# This file contains the system-wide PAM configuration for session management.
session required pam_limits.so
session required pam_unix.so
# basic PAM configuration for Alpine.
# Welcome to Adélie Linux.
# This file contains the system-wide PAM configuration for session management
# for interactive logins.
session include base-session-noninteractive
session required pam_motd.so
# basic PAM configuration for Alpine.
# Welcome to Adélie Linux.
# This file ensures that the system-wide PAM configuration is read by default.
auth include base-auth
account include base-account
......
# basic PAM configuration for Alpine.
# Welcome to Adélie Linux.
# This file allows root to become any user without needing that user's
# password, via pam_rootok.so.
# If you do not wish to allow this behaviour, simply remove that line.
auth sufficient pam_rootok.so
auth include base-auth
account include base-account
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment