Administrator's Guide
-r--r--r-- 1 root sys 1050 Nov 8 10:16 /etc/pam.conf
If this file is corrupt or missing from the system, root can log in to the console in single-user
mode to fix the problem.
The protected service names are listed in the system control file, /etc/pam.conf, under
four test categories (module-type): authentication, account, session, and password.
See pam(3), pam.conf(4), and pam_user.conf(4) for more information.
2.3.4 Sample /etc/pam.conf File
Following is a partial listing of a sample /etc/pam.conf file. Lines beginning with
pound (#) are comment lines. The sections in /etc/pam.conf are authentication
management, account management, session management, and password management.
#
# PAM configuration
#
# Notes:
#
# If the path to a library is not absolute, it is assumed to be
# relative to the directory /usr/lib/security/$ISA/
#
# For PA applications, /usr/lib/security/$ISA/libpam_unix.so.1 is a
# symbolic link that points to the corresponding PA (32 or 64-bit) PAM
# backend library.
#
# The $ISA (i.e. Instruction Set Architecture) token will be replaced
# by the PAM engine with an appropriate directory string.
# See pam.conf(4).
#
# Also note that the use of pam_hpsec(5) is mandatory for some of
# the services. See pam_hpsec(5).
#
# Authentication management
#
login auth required libpam_hpsec.so.1
login auth required libpam_hpsec.so.1
su auth required libpam.hpsec.so.1 bypass_setaud
su auth required libpam_unix.so.1
dtlogin auth required libpam_hpsec.so.1
dtlogin auth required libpam_unix.so.1
dtaction auth required libpam_hpsec.so.1
dtaction auth required libpam_unix.so.1
ftp auth required libpam_hpsec.so.1
ftp auth required libpam_unix.so.1
rcomds auth required libpam_hpsec.so.1
rcomds auth required libpam_unix.so.1
sshd auth required libpam_hpsec.so.1
sshd auth required libpam_unix.so.1
OTHER auth required libpam_unix.so.1
#
# Account management
#
login account required libpam_hpsec.so.1
login account required libpam_unix.so.1
38 Administering User and System Security