Ubuntu
Edit /etc/pam.d/sudo, and add the following two lines just below the line @include common-auth
auth [default=ignore success=1] pam_localuser.so # dualshield inserted auth required /opt/deepnet/dshield-computer-logon/lib/pam_dualshield.so # dualshield inserted
The /etc/pam.d/sudo should be like below:
#%PAM-1.0 session required pam_env.so readenv=1 user_readenv=0 session required pam_env.so readenv=1 envfile=/etc/default/locale user_readenv=0 @include common-auth auth [default=ignore success=1] pam_localuser.so # dualshield inserted auth required /opt/deepnet/dshield-computer-logon/lib/pam_dualshield.so # dualshield inserted @include common-account @include common-session-noninteractive
CentOS
Edit /etc/pam.d/sudo, and add the following three lines at beginning of the file
auth [success=2 default=ignore] pam_localuser.so # dualshield inserted auth [success=ignore default=1] pam_sss.so forward_pass # dualshield inserted auth required /opt/deepnet/dshield-computer-logon/lib/pam_dualshield.so # dualshield inserted
The /etc/pam.d/sudo should be like below:
auth [success=2 default=ignore] pam_localuser.so # dualshield inserted auth [success=ignore default=1] pam_sss.so forward_pass # dualshield inserted auth required /opt/deepnet/dshield-computer-logon/lib/pam_dualshield.so # dualshield inserted auth include system-auth account include system-auth password include system-auth session optional pam_keyinit.so revoke session include system-auth
