- 论坛徽章:
- 0
|
我在/etc/pam.d/system-auth上增加了密码安全策略,这些策略可对普通用户生效,但对root用户没用,要如何做才能也对root用户生效呢?
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth required pam_tally.so deny=5 onerr=fail
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth required pam_deny.so
account required pam_unix.so
#account required pam_tally.so deny=5
account sufficient pam_succeed_if.so uid < 500 quiet
account required pam_permit.so
password requisite pam_cracklib.so try_first_pass retry=3 minlen=6 difok=3 dcredit=-1 lcredit=-1 ocredit=-1
password sufficient pam_unix.so remember=3 md5 shadow nullok try_first_pass use_authtok
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so
~
~
~
~
~
~ |
|