Commit c1f4d78e authored by Lars Beckers's avatar Lars Beckers
Browse files

aufs for guests

parent ed65470e
#
# /etc/pam.d/common-session - session-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define tasks to be performed
# at the start and end of sessions of *any* kind (both interactive and
# non-interactive).
#
# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
# To take advantage of this, it is recommended that you configure any
# local modules either before or after the default block, and use
# pam-auth-update to manage selection of other modules. See
# pam-auth-update(8) for details.
# here are the per-package modules (the "Primary" block)
session [default=1] pam_permit.so
# here's the fallback if no module succeeds
session requisite pam_deny.so
# prime the stack with a positive return value if there isn't one already;
# this avoids us returning an error just because nothing sets a success code
# since the modules above will each just jump around
session required pam_permit.so
# and here are more per-package modules (the "Additional" block)
session optional pam_krb5.so minimum_uid=1000
session required pam_unix.so
session [success=ok default=ignore] pam_ldap.so minimum_uid=1000
session optional pam_ck_connector.so nox11
session optional pam_umask.so
# end of pam-auth-update config
......@@ -8,7 +8,7 @@
- config
- name: activate pam.d session modules to set default umask
copy: src=pam_common-session dest=/etc/pam.d/common-session owner=root group=root mode=0644
lineinfile: dest=/etc/pam.d/common-session line=session optional pam_umask.so
tags:
- umask
- pam
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment