From aa021e2d306ba4a457ec226ae35e2effd56b244b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Camu=C3=B1as?= Date: Tue, 30 Jul 2024 12:32:05 +0200 Subject: [PATCH] restored debian10 templates --- templates/login.debian10.erb | 19 +++++++++++++++++++ templates/sshd.debian10.erb | 18 ++++++++++++++++++ 2 files changed, 37 insertions(+) create mode 100644 templates/login.debian10.erb create mode 100644 templates/sshd.debian10.erb diff --git a/templates/login.debian10.erb b/templates/login.debian10.erb new file mode 100644 index 0000000..3681d2d --- /dev/null +++ b/templates/login.debian10.erb @@ -0,0 +1,19 @@ +auth optional pam_faildelay.so delay=3000000 +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so +auth requisite pam_nologin.so +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close +session required pam_loginuid.so +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +session required pam_env.so readenv=1 +session required pam_env.so readenv=1 envfile=/etc/default/locale +@include common-auth +auth optional pam_group.so +session required pam_limits.so +session optional pam_lastlog.so +session optional pam_motd.so motd=/run/motd.dynamic +session optional pam_motd.so noupdate +session optional pam_mail.so standard +session optional pam_keyinit.so force revoke +@include common-account +@include common-session +@include common-password \ No newline at end of file diff --git a/templates/sshd.debian10.erb b/templates/sshd.debian10.erb new file mode 100644 index 0000000..1909bf9 --- /dev/null +++ b/templates/sshd.debian10.erb @@ -0,0 +1,18 @@ +@include common-auth +account required pam_nologin.so +<% if @sshd_pam_access != 'absent' -%> +account <%= @sshd_pam_access %> pam_access.so +<% end -%> +@include common-account +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close +session required pam_loginuid.so +session optional pam_keyinit.so force revoke +@include common-session +session optional pam_motd.so motd=/run/motd.dynamic +session optional pam_motd.so noupdate +session optional pam_mail.so standard noenv # [1] +session required pam_limits.so +session required pam_env.so # [1] +session required pam_env.so user_readenv=1 envfile=/etc/default/locale +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +@include common-password \ No newline at end of file