Manualshelf

Configuration Guide for Kerberos Client Products on HP-UX 11.0 | HP-UX 11i v1 | HP-UX 11i v1.6 | HP-UX 11i v2

ManualsBrandsHP ManualsSoftwareHP-UX Kerberos Data Security Software
31323334353637383940
Introduction to the Kerberos Products and GSS-API
PAM Kerberos
Chapter 2 37
login account required /usr/lib/security/$ISA/libpam_unix.so.1
su account required /usr/lib/security/$ISA/libpam_krb5.so.1
su account required /usr/lib/security/$ISA/libpam_unix.so.1
dtlogin account required /usr/lib/security/$ISA/libpam_krb5.so.1
dtlogin account required /usr/lib/security/$ISA/libpam_unix.so.1
dtaction account required /usr/lib/security/$ISA/libpam_krb5.so.1
dtaction account required /usr/lib/security/$ISA/libpam_unix.so.1
ftp account required /usr/lib/security/$ISA/libpam_krb5.so.1
ftp account required /usr/lib/security/$ISA/libpam_unix.so.1
OTHER account sufficient /usr/lib/security/$ISA/libpam_unix.so.1
#
# Session management
#
login session required /usr/lib/security/$ISA/libpam_krb5.so.1
login session required /usr/lib/security/$ISA/libpam_unix.so.1
dtlogin session required /usr/lib/security/$ISA/libpam_krb5.so.1
dtlogin session required /usr/lib/security/$ISA/libpam_unix.so.1
dtaction session required /usr/lib/security/$ISA/libpam_krb5.so.1
dtaction session required /usr/lib/security/$ISA/libpam_unix.so.1
OTHER session sufficient /usr/lib/security/$ISA/libpam_unix.so.1
#
# Password management
#
login password sufficient /usr/lib/security/$ISA/libpam_krb5.so.1
login password required /usr/lib/security/$ISA/libpam_unix.so.1
passwd password sufficient /usr/lib/security/$ISA/libpam_krb5.so.1
passwd password required /usr/lib/security/$ISA/libpam_unix.so.1
dtlogin password sufficient /usr/lib/security/$ISA/libpam_krb5.so.1
dtlogin password required /usr/lib/security/$ISA/libpam_unix.so.1
dtaction password sufficient /usr/lib/security/$ISA/libpam_krb5.so.1
dtaction password required /usr/lib/security/$ISA/libpam_unix.so.1
OTHER password sufficient /usr/lib/security/$ISA/libpam_unix.so.1
The Account Management Module
The Account Management module provides a function to perform
account management. This function retrieves the user’s account and
password expiration information from Kerberos database and verifies
that they have not expired. The module does not issue any warning if the
account or the password is about to expire.
The following options can be passed to the Account Management module
through the /etc/pam.conf(4) file:
debug This option allows syslog(3C) debugging information
at LOG_DEBUG level.