...
Ubuntu
Edit /etc/pam.d/sudo
...
, and add the following two lines just below the line @include common-auth
| Code Block |
|---|
auth [default=ignore success=1] pam_localuser.so # dualshield inserted auth required /opt/deepnet/dshield-computer-logon/lib/pam_dualshield.so # dualshield inserted |
The /etc/pam.d/sudo should be like
...
below:
| Code Block |
|---|
#%PAM-1.0 session required pam_env.so readenv=1 user_readenv=0 session required pam_env.so readenv=1 envfile=/etc/default/locale user_readenv=0 @include common-auth auth [default=ignore success=1] pam_localuser.so # dualshield inserted auth required /opt/deepnet/dshield-computer-logon/lib/pam_dualshield.so # dualshield inserted @include common-account @include common-session-noninteractive |
CentOS
Edit /etc/pam.d/sudo, and add the following three lines at beginning of the file
| Code Block |
|---|
auth [success=2 default=ignore] pam_localuser.so # dualshield inserted
auth [success=ignore default=1] pam_sss.so forward_pass # dualshield inserted
auth required /opt/deepnet/dshield-computer-logon/lib/pam_dualshield.so # dualshield inserted |
The /etc/pam.d/sudo should be like below:
| Code Block |
|---|
auth [success=2 default=ignore] pam_localuser.so # dualshield inserted
auth [success=ignore default=1] pam_sss.so forward_pass # dualshield inserted
auth required /opt/deepnet/dshield-computer-logon/lib/pam_dualshield.so # dualshield inserted
auth include system-auth
account include system-auth
password include system-auth
session optional pam_keyinit.so revoke
session include system-auth |
