From adcaa7de9a9e497c37c9279cf2597fb1b90c9fab Mon Sep 17 00:00:00 2001 From: BlackNoxis Date: Wed, 14 Jan 2015 02:42:55 +0200 Subject: Add pambase to kogaion desk --- sys-auth/pambase/metadata.xml | 84 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 84 insertions(+) create mode 100644 sys-auth/pambase/metadata.xml (limited to 'sys-auth/pambase/metadata.xml') diff --git a/sys-auth/pambase/metadata.xml b/sys-auth/pambase/metadata.xml new file mode 100644 index 00000000..7a357751 --- /dev/null +++ b/sys-auth/pambase/metadata.xml @@ -0,0 +1,84 @@ + + + + pam + + pam-bugs@gentoo.org + + + + Enable pam_cracklib module on system authentication stack. This + produces warnings when changing password to something easily + crackable. It requires the same USE flag to be enabled on + sys-libs/pam or system login might be impossible. + + + Enable pam_ck_connector module on local system logins. This + allows for console logins to make use of ConsoleKit + authorization. + + + Use pam_systemd module to register user sessions in the systemd + control group hierarchy. + + + Enable pam_gnome_keyring module on system login stack. This + enables proper Gnome Keyring access to logins, whether they are + done with the login shell, a Desktop Manager or a remote login + systems such as SSH. + + + Enable debug information logging on syslog(3) for all the + modules supporting this in the system authentication and system + login stacks. + + + Enable pam_passwdqc module on system auth stack for password + quality validation. This is an alternative to pam_cracklib + producing warnings, rejecting or providing example passwords + when changing your system password. It is used by default by + OpenWall GNU/*/Linux and by FreeBSD. + + + Enable pam_mktemp module on system auth stack for session + handling. This module creates a private temporary directory for + the user, and sets TMP and TMPDIR accordingly. + + + Enable pam_ssh module on system auth stack for authentication + and session handling. This module will accept as password the + passphrase of a private SSH key (one of ~/.ssh/id_rsa, + ~/.ssh/id_dsa or ~/.ssh/identity), and will spawn an ssh-agent + instance to cache the open key. + + + Switch Linux-PAM's pam_unix module to use sha512 for passwords + hashes rather than MD5. This option requires + >=sys-libs/pam-1.0.1 built against + >=sys-libs/glibc-2.7, if it's built against an + earlier version, it will silently be ignored, and MD5 hashes + will be used. All the passwords changed after this USE flag is + enabled will be saved to the shadow file hashed using SHA512 + function. The password previously saved will be left + untouched. Please note that while SHA512-hashed passwords will + still be recognised if the USE flag is removed, the shadow file + will not be compatible with systems using an earlier glibc + version. + + + Enable pam_krb5 module on system auth stack, as an alternative + to pam_unix. If Kerberos authentication succeed, only pam_unix + will be ignore, and all the other modules will proceed as usual, + including Gnome Keyring and other session modules. It requires + sys-libs/pam as PAM implementation. + + + Disables the standard PAM modules that provide extra information + to users on login; this includes pam_tally (and pam_tally2 for + Linux PAM 1.1 and later), pam_lastlog, pam_motd and other + similar modules. This might not be a good idea on a multi-user + system but could reduce slightly the overhead on single-user + non-networked systems. + + + -- cgit v1.2.3