Hi, I'm running some GCE instances, with OS login enabled and would like to run scripts when a user fails to authenticate
on /etc/pam.d/system-auth I have this: auth required pam_env.so auth sufficient pam_unix.so try_first_pass nullok auth required pam_deny.so account required pam_unix.so password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type= password sufficient pam_unix.so try_first_pass use_authtok nullok sha512 shadow password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so -session optional pam_systemd.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so I've tried adding the exec after the pam.deny but it didn't work, is this the right place to be added? Does anyone have any clues? thanks
_______________________________________________ Pam-list mailing list [email protected] https://listman.redhat.com/mailman/listinfo/pam-list
