From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1180506-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 789B81382C5
	for <garchives@archives.gentoo.org>; Thu, 18 Jun 2020 10:11:57 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id B1A24E091A;
	Thu, 18 Jun 2020 10:11:56 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 98934E091A
	for <gentoo-commits@lists.gentoo.org>; Thu, 18 Jun 2020 10:11:56 +0000 (UTC)
Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 0478C34EE7C
	for <gentoo-commits@lists.gentoo.org>; Thu, 18 Jun 2020 10:11:55 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id F0505175
	for <gentoo-commits@lists.gentoo.org>; Thu, 18 Jun 2020 10:11:51 +0000 (UTC)
From: "Mikle Kolyada" <zlogene@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Mikle Kolyada" <zlogene@gentoo.org>
Message-ID: <1592474918.75cd44e94032b13bba41539737d6ac63623217e1.zlogene@gentoo>
Subject: [gentoo-commits] proj/pambase:master commit in: /
X-VCS-Repository: proj/pambase
X-VCS-Files: system-auth.in system-login.in
X-VCS-Directories: /
X-VCS-Committer: zlogene
X-VCS-Committer-Name: Mikle Kolyada
X-VCS-Revision: 75cd44e94032b13bba41539737d6ac63623217e1
X-VCS-Branch: master
Date: Thu, 18 Jun 2020 10:11:51 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: c6602c8d-b91b-42b8-9a3c-b60fd3276fd0
X-Archives-Hash: d617f0fe32e69bd43ab040527f94f4d9

commit:     75cd44e94032b13bba41539737d6ac63623217e1
Author:     Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
AuthorDate: Thu Jun 18 10:02:10 2020 +0000
Commit:     Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
CommitDate: Thu Jun 18 10:08:38 2020 +0000
URL:        https://gitweb.gentoo.org/proj/pambase.git/commit/?id=75cd44e9

move faillock last in auth

Signed-off-by: Mikle Kolyada <zlogene <AT> gentoo.org>

 system-auth.in  | 12 ++++++------
 system-login.in | 11 ++++++-----
 2 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/system-auth.in b/system-auth.in
index 6eea7bc..9ae09e4 100644
--- a/system-auth.in
+++ b/system-auth.in
@@ -2,12 +2,6 @@
 auth		required	pam_env.so DEBUG
 #endif
 
-#if HAVE_FAILLOCK
-auth            required        pam_faillock.so preauth silent audit deny=3 unlock_time=600
-auth            sufficient      pam_unix.so nullok try_first_pass
-auth            [default=die]   pam_faillock.so authfail audit deny=3 unlock_time=600
-#endif
-
 #if HAVE_PAM_SSH
 auth		sufficient	pam_ssh.so
 #endif
@@ -18,6 +12,12 @@ auth		required	pam_unix.so try_first_pass LIKEAUTH NULLOK DEBUG
 /* This is needed to make sure that the Kerberos skip-on-success won't cause a bad jump. */
 auth		optional	pam_permit.so
 
+#if HAVE_FAILLOCK
+auth            required        pam_faillock.so preauth silent audit deny=3 unlock_time=600
+auth            sufficient      pam_unix.so nullok try_first_pass
+auth            [default=die]   pam_faillock.so authfail audit deny=3 unlock_time=600
+#endif
+
 #if HAVE_KRB5
 account		KRB5_CONTROL	pam_krb5.so KRB5_PARAMS
 #endif

diff --git a/system-login.in b/system-login.in
index 9e82d60..ee03613 100644
--- a/system-login.in
+++ b/system-login.in
@@ -1,8 +1,3 @@
-#if HAVE_FAILLOCK
-auth            required        pam_faillock.so preauth silent audit deny=3 unlock_time=600
-auth            sufficient	pam_unix.so nullok try_first_pass
-auth            [default=die]   pam_faillock.so authfail audit deny=3 unlock_time=600
-#endif
 
 #if HAVE_SHELLS
 auth		required	pam_shells.so DEBUG
@@ -12,6 +7,12 @@ auth		required	pam_nologin.so DEBUG_NOLOGIN
 #endif
 auth		include		system-auth
 
+#if HAVE_FAILLOCK
+auth            required        pam_faillock.so preauth silent audit deny=3 unlock_time=600
+auth            sufficient      pam_unix.so nullok try_first_pass
+auth            [default=die]   pam_faillock.so authfail audit deny=3 unlock_time=600
+#endif
+
 #if HAVE_ACCESS
 account		required	pam_access.so DEBUG
 #endif