system-auth-ac - Common configuration file for PAMified services written by authconfig(8)
The purpose of this configuration file is to provide common configuration file for all applications and service daemons calling PAM library.
The system-auth configuration file is included from all individual service configuration files with the help of the include directive. When authconfig(8) writes the system PAM configuration file it replaces the default system-auth file with a symlink pointing to system-auth-ac and writes the configuration to this file. The symlink is not changed on subsequent configuration changes even if it points elsewhere. This allows system administrators to override the configuration written by authconfig.
EXAMPLEConfigure system to use pam_tally2 for configuration of maximum number of failed logins. Also call pam_access to verify if access is allowed.
Make system-auth symlink point to system-auth-local which contains:
auth requisite pam_access.so
auth requisite pam_tally2.so deny=3 lock_time=30 \
auth include system-auth-ac
account required pam_tally2.so
account include system-auth-ac
password include system-auth-ac
session include system-auth-ac
SEE ALSOpam(8), system-auth(5)