freebsd-src/crypto/heimdal/lib/auth/pam/pam.conf.add

To enable PAM in dtlogin and /bin/login under SunOS 5.6 apply this patch:

--- /etc/pam.conf.DIST	Mon Jul 20 15:37:46 1998
+++ /etc/pam.conf	Tue Feb 15 19:39:12 2000
@@ -4,15 +4,19 @@
 #
 # Authentication management
 #
+login	auth sufficient	/usr/athena/lib/pam_krb4.so
 login	auth required 	/usr/lib/security/pam_unix.so.1 
 login	auth required 	/usr/lib/security/pam_dial_auth.so.1 
 #
 rlogin  auth sufficient /usr/lib/security/pam_rhosts_auth.so.1
 rlogin	auth required 	/usr/lib/security/pam_unix.so.1
 #
+dtlogin	auth sufficient	/usr/athena/lib/pam_krb4.so
 dtlogin	auth required 	/usr/lib/security/pam_unix.so.1 
 #
 rsh	auth required	/usr/lib/security/pam_rhosts_auth.so.1
+# Reafslog is for dtlogin lock display
+other	auth sufficient	/usr/athena/lib/pam_krb4.so reafslog
 other	auth required	/usr/lib/security/pam_unix.so.1
 #
 # Account management
@@ -24,6 +28,8 @@
 #
 # Session management
 #
+dtlogin	session required	/usr/athena/lib/pam_krb4.so
+login	session required	/usr/athena/lib/pam_krb4.so
 other	session required	/usr/lib/security/pam_unix.so.1 
 #
 # Password management
---------------------------------------------------------------------------
To enable PAM in /bin/login and xdm under Red Hat 6.? apply these patches:

--- /etc/pam.d/login~	Tue Dec  7 12:01:35 1999
+++ /etc/pam.d/login	Wed May 31 16:27:55 2000
@@ -1,9 +1,12 @@
 #%PAM-1.0
+# Updated to work with kerberos
+auth       sufficient   /usr/athena/lib/pam_krb4.so.1.0.1
 auth       required	/lib/security/pam_securetty.so
 auth       required	/lib/security/pam_pwdb.so shadow nullok
 auth       required	/lib/security/pam_nologin.so
 account    required	/lib/security/pam_pwdb.so
 password   required	/lib/security/pam_cracklib.so
 password   required	/lib/security/pam_pwdb.so nullok use_authtok md5 shadow
+session    required     /usr/athena/lib/pam_krb4.so.1.0.1
 session    required	/lib/security/pam_pwdb.so
 session    optional	/lib/security/pam_console.so
--- /etc/pam.d/xdm~	Wed May 31 16:33:54 2000
+++ /etc/pam.d/xdm	Wed May 31 16:28:29 2000
@@ -1,8 +1,11 @@
 #%PAM-1.0
+# Updated to work with kerberos
+auth       sufficient   /usr/athena/lib/pam_krb4.so.1.0.1
 auth       required	/lib/security/pam_pwdb.so shadow nullok
 auth       required	/lib/security/pam_nologin.so
 account    required	/lib/security/pam_pwdb.so
 password   required	/lib/security/pam_cracklib.so
 password   required	/lib/security/pam_pwdb.so shadow nullok use_authtok
+session    required     /usr/athena/lib/pam_krb4.so.1.0.1
 session    required	/lib/security/pam_pwdb.so
 session    optional     /lib/security/pam_console.so
--- /etc/pam.d/gdm~	Wed May 31 16:33:54 2000
+++ /etc/pam.d/gdm	Wed May 31 16:34:28 2000
@@ -1,8 +1,11 @@
 #%PAM-1.0
+# Updated to work with kerberos
+auth       sufficient   /usr/athena/lib/pam_krb4.so.1.0.1
 auth       required	/lib/security/pam_pwdb.so shadow nullok
 auth       required	/lib/security/pam_nologin.so
 account    required	/lib/security/pam_pwdb.so
 password   required	/lib/security/pam_cracklib.so
 password   required	/lib/security/pam_pwdb.so shadow nullok use_authtok
+session    required     /usr/athena/lib/pam_krb4.so.1.0.1
 session    required	/lib/security/pam_pwdb.so
 session    optional     /lib/security/pam_console.so

--------------------------------------------------------------------------

This stuff may work under some other system.

# To get this to work, you will have to add entries to /etc/pam.conf
#
# To make login kerberos-aware, you might change pam.conf to look
# like:

# login authorization
login   auth       sufficient   /lib/security/pam_krb4.so
login   auth       required     /lib/security/pam_securetty.so
login   auth       required     /lib/security/pam_unix_auth.so
login   account    required     /lib/security/pam_unix_acct.so
login   password   required     /lib/security/pam_unix_passwd.so
login   session    required     /lib/security/pam_krb4.so
login   session    required     /lib/security/pam_unix_session.so