2 ##########################################################
3 # Copyright (C) The Arvados Authors. All rights reserved.
5 # SPDX-License-Identifier: CC-BY-SA-3.0
7 ########################################################################
8 # File managed by Salt at <{{ source }}>.
9 # Your changes will be overwritten.
10 ########################################################################
11 auth optional pam_faildelay.so delay=3000000
12 auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
13 auth requisite pam_nologin.so
14 session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
15 session required pam_env.so readenv=1
16 session required pam_env.so readenv=1 envfile=/etc/default/locale
18 # yamllint disable rule:line-length
19 auth [success=1 default=ignore] /usr/lib/pam_arvados.so {{ arvados.cluster.domain }} shell.{{ arvados.cluster.domain }}
20 # yamllint enable rule:line-length
21 auth requisite pam_deny.so
22 auth required pam_permit.so
24 auth optional pam_group.so
25 session required pam_limits.so
26 session optional pam_lastlog.so
27 session optional pam_motd.so motd=/run/motd.dynamic
28 session optional pam_motd.so
29 session optional pam_mail.so standard
31 @include common-account
32 @include common-session
33 @include common-password
35 session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open