ldap/pam: enable pam/ldap authentication

- modify pam configuration files to use ldap - modify sshd to enable pam - modify nsswitch.conf to use ldap Signed-off-by: Amy Fong <amy.fong@windriver.com>
author: Amy Fong <amy.fong@windriver.com> 2014-07-22 09:55:30 -0400
committer: Bruce Ashfield <bruce.ashfield@windriver.com> 2014-07-30 00:50:21 -0400
commit: 91f39a6e38e6e6fd1e9b6582fb85cd273f3249bb (patch)
tree: 9d936adcd87c0b814d13f135340d81c48fe82aed /meta-openstack/recipes-connectivity/openssh/files/mcs-sshd
parent: 9ec30c79de0764d8c45518644e539e18ddde8b84 (diff)
download: meta-cloud-services-91f39a6e38e6e6fd1e9b6582fb85cd273f3249bb.tar.gz
1 files changed, 33 insertions, 0 deletions
diff --git a/meta-openstack/recipes-connectivity/openssh/files/mcs-sshd b/meta-openstack/recipes-connectivity/openssh/files/mcs-sshd
new file mode 100755
index 0000000..3420bd2
--- /dev/null
+++ b/meta-openstack/recipes-connectivity/openssh/files/mcs-sshd
@@ -0,0 +1,33 @@
+# PAM configuration for the Secure Shell service
+# Standard Un*x authentication.
+auth include common-auth
+# Disallow non-root logins when /etc/nologin exists.
+account    required     pam_nologin.so
+# Uncomment and edit /etc/security/access.conf if you need to set complex
+# access limits that are hard to express in sshd_config.
+# account  required     pam_access.so
+# Standard Un*x authorization.
+account include common-account
+# Set the loginuid process attribute.
+session    required     pam_loginuid.so
+# Create a new session keyring.
+session    optional     pam_keyinit.so force revoke
+# Standard Un*x session setup and teardown.
+session include common-session
+# Set up user limits from /etc/security/limits.conf.
+session    required     pam_limits.so
+# Read environment variables from /etc/environment and
+# /etc/security/pam_env.conf.
+session    required     pam_env.so # [1]
+# Standard Un*x password updating.
+password include common-password
author	Amy Fong <amy.fong@windriver.com>	2014-07-22 09:55:30 -0400
committer	Bruce Ashfield <bruce.ashfield@windriver.com>	2014-07-30 00:50:21 -0400
commit	91f39a6e38e6e6fd1e9b6582fb85cd273f3249bb (patch)
tree	9d936adcd87c0b814d13f135340d81c48fe82aed /meta-openstack/recipes-connectivity/openssh/files/mcs-sshd
parent	9ec30c79de0764d8c45518644e539e18ddde8b84 (diff)
download	meta-cloud-services-91f39a6e38e6e6fd1e9b6582fb85cd273f3249bb.tar.gz

diff --git a/meta-openstack/recipes-connectivity/openssh/files/mcs-sshd b/meta-openstack/recipes-connectivity/openssh/files/mcs-sshd new file mode 100755 index 0000000..3420bd2 --- /dev/null +++ b/meta-openstack/recipes-connectivity/openssh/files/mcs-sshd
@@ -0,0 +1,33 @@
	1	# PAM configuration for the Secure Shell service
	2
	3	# Standard Un*x authentication.
	4	auth include common-auth
	5
	6	# Disallow non-root logins when /etc/nologin exists.
	7	account required pam_nologin.so
	8
	9	# Uncomment and edit /etc/security/access.conf if you need to set complex
	10	# access limits that are hard to express in sshd_config.
	11	# account required pam_access.so
	12
	13	# Standard Un*x authorization.
	14	account include common-account
	15
	16	# Set the loginuid process attribute.
	17	session required pam_loginuid.so
	18
	19	# Create a new session keyring.
	20	session optional pam_keyinit.so force revoke
	21
	22	# Standard Un*x session setup and teardown.
	23	session include common-session
	24
	25	# Set up user limits from /etc/security/limits.conf.
	26	session required pam_limits.so
	27
	28	# Read environment variables from /etc/environment and
	29	# /etc/security/pam_env.conf.
	30	session required pam_env.so # [1]
	31
	32	# Standard Un*x password updating.
	33	password include common-password