Conf de ldap.

* Acces a la base
* Conf de pam pour ldap
* Conf de nss pour ldap

darcs-hash:20080209021350-af139-0dd9ab0a07fd64c38d18efc94d7c82b130d6df17.gz

Python/etc/pam.d/common-account

@@ -0,0 +1,15 @@
+# -*- mode: python; coding: utf-8 -*-
+
+include("pam")
+
+header("""
+/etc/pam.d/common-account - authorization settings common to all services
+
+This file is included from other service-specific PAM config files,
+and should contain a list of the authorization modules that define
+the central access policy for use on the system.  The default is to
+only deny service to users whose accounts are expired in /etc/shadow.
+""")
+
+print "account sufficient %s" % pam_module
+print "account required   pam_unix.so use_first_pass"

Python/etc/pam.d/common-auth

@@ -0,0 +1,16 @@
+# -*- mode: python; coding: utf-8 -*-
+
+include("pam")
+
+header("""
+/etc/pam.d/common-auth - authentication settings common to all services
+
+This file is included from other service-specific PAM config files,
+and should contain a list of the authentication modules that define
+the central authentication scheme for use on the system
+(e.g., /etc/shadow, LDAP, Kerberos, etc.).  The default is to use the
+traditional Unix authentication mechanisms.
+""")
+
+print "auth sufficient %s" % pam_module
+print "auth required   pam_unix.so nullok_secure use_first_pass"

Python/etc/pam.d/common-password

@@ -0,0 +1,30 @@
+# -*- mode: python; coding: utf-8 -*-
+
+include("pam")
+
+header("""
+/etc/pam.d/common-password - password-related modules common to all services
+
+This file is included from other service-specific PAM config files,
+and should contain a list of modules that define  the services to be
+used to change user passwords.  The default is pam_unix
+""")
+
+@# The "nullok" option allows users to change an empty password, else
+@# empty passwords are treated as locked accounts.
+@#
+@# (Add `md5' after the module name to enable MD5 passwords)
+@#
+@# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+@# login.defs. Also the "min" and "max" options enforce the length of the
+@# new password.
+
+print "password   sufficient %s ignore_unknown_user md5 try_first_pass" % pam_module
+print "password   required   pam_unix.so nullok obscure min=4 max=8 md5 try_first_pass"
+
+@# Alternate strength checking for password. Note that this
+@# requires the libpam-cracklib package to be installed.
+@# You will need to comment out the password line above and
+@# uncomment the next two in order to use this.
+@# (Replaces the `OBSCURE_CHECKS_ENAB', `CRACKLIB_DICTPATH')
+

Python/etc/pam.d/common-session

@@ -0,0 +1,16 @@
+# -*- mode: python; coding: utf-8 -*-
+
+include("pam")
+
+header("""
+/etc/pam.d/common-session - session-related modules common to all services
+
+This file is included from other service-specific PAM config files,
+and should contain a list of modules that define tasks to be performed
+at the start and end of sessions of *any* kind (both interactive and
+non-interactive).  The default is pam_unix.
+""")
+
+print "session sufficient %s" % pam_module
+print "session required   pam_unix.so"
+print "session required   pam_mkhomedir.so"