aboutsummaryrefslogtreecommitdiffstats
path: root/modules/pam/templates/system-auth
diff options
context:
space:
mode:
Diffstat (limited to 'modules/pam/templates/system-auth')
-rw-r--r--modules/pam/templates/system-auth12
1 files changed, 6 insertions, 6 deletions
diff --git a/modules/pam/templates/system-auth b/modules/pam/templates/system-auth
index 7dc3a47f..79c95264 100644
--- a/modules/pam/templates/system-auth
+++ b/modules/pam/templates/system-auth
@@ -1,10 +1,4 @@
auth required pam_env.so
-<%- if access_class = 'admin' -%>
-auth required pam_succeed_if.so quiet user ingroup mga-sysadmin
-<%- end -%>
-<%- if access_class = 'committers' -%>
-auth required pam_succeed_if.so quiet user ingroup mga-committers
-<%- end -%>
# this part is here if the module don't exist
# basically, the idea is to copy the exact detail of sufficient,
# and add abort=ignore
@@ -15,6 +9,12 @@ auth required pam_deny.so
account sufficient pam_localuser.so
+<%- if access_class == 'admin' -%>
+account required pam_succeed_if.so quiet user ingroup mga-sysadmin
+<%- end -%>
+<%- if access_class == 'committers' -%>
+account required pam_succeed_if.so quiet user ingroup mga-committers
+<%- end -%>
account sufficient pam_ldap.so
account required pam_deny.so
generated by cgit v1.2.1 (git 2.21.0) at 2024-07-06 15:26:17 +0000