1*4882a593Smuzhiyun# 2*4882a593Smuzhiyun# /etc/pam.d/other - specify the PAM fallback behaviour 3*4882a593Smuzhiyun# 4*4882a593Smuzhiyun# Note that this file is used for any unspecified service; for example 5*4882a593Smuzhiyun#if /etc/pam.d/cron specifies no session modules but cron calls 6*4882a593Smuzhiyun#pam_open_session, the session module out of /etc/pam.d/other is 7*4882a593Smuzhiyun#used. 8*4882a593Smuzhiyun 9*4882a593Smuzhiyun# We use pam_warn.so to generate syslog notes that the 'other' 10*4882a593Smuzhiyun#fallback rules are being used (as a hint to suggest you should setup 11*4882a593Smuzhiyun#specific PAM rules for the service and aid to debugging). Then to be 12*4882a593Smuzhiyun#secure, deny access to all services by default. 13*4882a593Smuzhiyun 14*4882a593Smuzhiyunauth required pam_warn.so 15*4882a593Smuzhiyunauth required pam_deny.so 16*4882a593Smuzhiyun 17*4882a593Smuzhiyunaccount required pam_warn.so 18*4882a593Smuzhiyunaccount required pam_deny.so 19*4882a593Smuzhiyun 20*4882a593Smuzhiyunpassword required pam_warn.so 21*4882a593Smuzhiyunpassword required pam_deny.so 22*4882a593Smuzhiyun 23*4882a593Smuzhiyunsession required pam_warn.so 24*4882a593Smuzhiyunsession required pam_deny.so 25