config-util000064400000000350150251732100006701 0ustar00#%PAM-1.0 auth sufficient pam_rootok.so auth sufficient pam_timestamp.so auth include system-auth account required pam_permit.so session required pam_permit.so session optional pam_xauth.so session optional pam_timestamp.so runuser-l000064400000000212150251732100006412 0ustar00#%PAM-1.0 auth include runuser session optional pam_keyinit.so force revoke -session optional pam_systemd.so session include runuser chfn000064400000000526150251732100005404 0ustar00#%PAM-1.0 auth sufficient pam_rootok.so auth include system-auth account required pam_succeed_if.so shell != /usr/local/cpanel/bin/noshell account required pam_succeed_if.so shell != /usr/local/cpanel/bin/jailshell account include system-auth password include system-auth session include system-auth polkit-1000064400000000233150251732100006121 0ustar00#%PAM-1.0 auth include system-auth account include system-auth password include system-auth session include system-auth sudo000064400000000310150251732100005427 0ustar00#%PAM-1.0 auth include system-auth account include system-auth password include system-auth session optional pam_keyinit.so revoke session include system-auth crond000064400000000437150251732100005574 0ustar00# # The PAM configuration file for the cron daemon # # # No PAM authentication called, auth modules not needed account required pam_access.so account include system-auth session required pam_loginuid.so session include system-auth auth include system-auth exim000064400000000164150251732100005426 0ustar00#%PAM-1.0 auth required /lib/security/pam_pwdb.so shadow nullok account required /lib/security/pam_pwdb.so systemd-user000064400000000201150251732100007120 0ustar00# This file is part of systemd. # # Used by systemd --user instances. account include system-auth session include system-auth su-l000064400000000211150251732100005335 0ustar00#%PAM-1.0 auth include su account include su password include su session optional pam_keyinit.so force revoke session include su password-auth000064400000001422150251732100007263 0ustar00#%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required pam_env.so auth required pam_hulk.so auth sufficient pam_unix.so try_first_pass nullok auth required pam_deny.so account required pam_unix.so password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type= password sufficient pam_unix.so try_first_pass use_authtok nullok sha512 shadow password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so -session optional pam_systemd.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so dovecot000064400000000235150251732100006126 0ustar00#%PAM-1.0 auth required pam_nologin.so auth include system-auth account include system-auth session include system-auth postlogin000064400000000511150251732100006476 0ustar00#%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. session [success=1 default=ignore] pam_succeed_if.so service !~ gdm* service !~ su* quiet session [default=1] pam_lastlog.so nowtmp showfailed session optional pam_lastlog.so silent noupdate showfailed atd000064400000000420150251732100005227 0ustar00# The PAM configuration file for the at daemon # # auth required pam_env.so auth include password-auth account required pam_access.so account include password-auth session required pam_loginuid.so session include password-auth runuser000064400000000217150251732100006166 0ustar00#%PAM-1.0 auth sufficient pam_rootok.so session optional pam_keyinit.so revoke session required pam_limits.so session required pam_unix.so other000064400000000232150251732100005601 0ustar00#%PAM-1.0 auth required pam_deny.so account required pam_deny.so password required pam_deny.so session required pam_deny.so fingerprint-auth000064400000001275150251732100007756 0ustar00#%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required pam_env.so auth sufficient pam_fprintd.so auth required pam_deny.so account required pam_unix.so account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 500 quiet account required pam_permit.so password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so -session optional pam_systemd.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so system-auth000064400000001422150251732100006745 0ustar00#%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required pam_env.so auth required pam_hulk.so auth sufficient pam_unix.so try_first_pass nullok auth required pam_deny.so account required pam_unix.so password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type= password sufficient pam_unix.so try_first_pass use_authtok nullok sha512 shadow password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so -session optional pam_systemd.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so postgresql_cpses000064400000000106150251732100010060 0ustar00#%PAM-1.0 auth required pam_cpses.so account required pam_cpses.so sshd000064400000001657150251732100005435 0ustar00#%PAM-1.0 auth required pam_sepermit.so auth substack password-auth auth include postlogin # Used with polkit to reauthorize users in remote sessions -auth optional pam_reauthorize.so prepare account required pam_nologin.so account include password-auth password include password-auth # pam_selinux.so close should be the first session rule session required pam_selinux.so close session required pam_loginuid.so # pam_selinux.so open should only be followed by sessions to be executed in the user context session required pam_selinux.so open env_params session required pam_namespace.so session optional pam_keyinit.so force revoke session include password-auth session include postlogin # Used with polkit to reauthorize users in remote sessions -session optional pam_reauthorize.so prepare auth required pam_shells.so su000064400000001034150251732100005110 0ustar00#%PAM-1.0 auth sufficient pam_rootok.so # Uncomment the following line to implicitly trust users in the "wheel" group. #auth sufficient pam_wheel.so trust use_uid # Uncomment the following line to require a user to be in the "wheel" group. #auth required pam_wheel.so use_uid auth substack system-auth auth include postlogin account sufficient pam_succeed_if.so uid = 0 use_uid quiet account include system-auth password include system-auth session include system-auth session include postlogin session optional pam_xauth.so passwd000064400000000274150251732100005767 0ustar00#%PAM-1.0 auth include system-auth account include system-auth password substack system-auth -password optional pam_gnome_keyring.so use_authtok password substack postlogin setup000064400000000221150251732100005616 0ustar00#%PAM-1.0 auth sufficient pam_rootok.so auth include system-auth account required pam_permit.so session required pam_permit.so ftp000075500000000433150251732100005257 0ustar00#%PAM-1.0 auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed auth required /lib/security/pam_pwdb.so shadow nullok account required /lib/security/pam_pwdb.so session required /lib/security/pam_pwdb.so vlock000064400000000124150251732100005576 0ustar00#%PAM-1.0 auth include system-auth account required pam_permit.so chsh000064400000000526150251732100005413 0ustar00#%PAM-1.0 auth sufficient pam_rootok.so auth include system-auth account required pam_succeed_if.so shell != /usr/local/cpanel/bin/noshell account required pam_succeed_if.so shell != /usr/local/cpanel/bin/jailshell account include system-auth password include system-auth session include system-auth sudo-i000064400000000262150251732100005663 0ustar00#%PAM-1.0 auth include sudo account include sudo password include sudo session optional pam_keyinit.so force revoke session include sudo smartcard-auth000064400000001347150251732100007407 0ustar00#%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required pam_env.so auth [success=done ignore=ignore default=die] pam_pkcs11.so wait_for_card auth required pam_deny.so account required pam_unix.so account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 500 quiet account required pam_permit.so password optional pam_pkcs11.so session optional pam_keyinit.so revoke session required pam_limits.so -session optional pam_systemd.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so login000064400000001434150251732100005575 0ustar00#%PAM-1.0 auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so auth substack system-auth auth include postlogin account required pam_nologin.so account include system-auth password include system-auth # pam_selinux.so close should be the first session rule session required pam_selinux.so close session required pam_loginuid.so session optional pam_console.so # pam_selinux.so open should only be followed by sessions to be executed in the user context session required pam_selinux.so open session required pam_namespace.so session optional pam_keyinit.so force revoke session include system-auth session include postlogin -session optional pam_ck_connector.so screen000064400000000044150251732100005740 0ustar00#%PAM-1.0 auth include system-auth remote000064400000001251150251732100005755 0ustar00#%PAM-1.0 auth required pam_securetty.so auth substack password-auth auth include postlogin account required pam_nologin.so account include password-auth password include password-auth # pam_selinux.so close should be the first session rule session required pam_selinux.so close session required pam_loginuid.so # pam_selinux.so open should only be followed by sessions to be executed in the user context session required pam_selinux.so open session required pam_namespace.so session optional pam_keyinit.so force revoke session include password-auth session include postlogin