diff options
| author | Jafar Al-Gharaibeh <jafar@atcorp.com> | 2024-01-30 17:24:57 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-01-30 17:24:57 +0100 |
| commit | 471e4b7bbe1eeda362d93baa5f8e2b866166a634 (patch) | |
| tree | 8f5c0e6b57d3de54fd07bb585b1f575d3378df34 | |
| parent | Merge pull request #15250 from opensourcerouting/fix/memory_optimizations (diff) | |
| parent | packaging: Just permit anything if PAM is enabled (diff) | |
| download | frr-471e4b7bbe1eeda362d93baa5f8e2b866166a634.tar.xz frr-471e4b7bbe1eeda362d93baa5f8e2b866166a634.zip | |
Merge pull request #15163 from opensourcerouting/fix/pam_account
packaging: Require account validation with pam_unix.so if PAM enabled
| -rw-r--r-- | debian/frr.pam | 2 | ||||
| -rw-r--r-- | redhat/frr.pam | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/debian/frr.pam b/debian/frr.pam index 737b88953..1077243a1 100644 --- a/debian/frr.pam +++ b/debian/frr.pam @@ -1,4 +1,4 @@ # Any user may call vtysh but only those belonging to the group frrvty can # actually connect to the socket and use the program. auth sufficient pam_permit.so -account sufficient pam_rootok.so +account sufficient pam_permit.so diff --git a/redhat/frr.pam b/redhat/frr.pam index 17a62f199..a574c5e57 100644 --- a/redhat/frr.pam +++ b/redhat/frr.pam @@ -4,8 +4,8 @@ ##### if running frr as root: # Only allow root (and possibly wheel) to use this because enable access # is unrestricted. -auth sufficient pam_rootok.so -account sufficient pam_rootok.so +auth sufficient pam_permit.so +account sufficient pam_permit.so # Uncomment the following line to implicitly trust users in the "wheel" group. #auth sufficient pam_wheel.so trust use_uid |