#%PAM-1.0 # Authentication modules # If their user exists (success), auth [success=ignore ignore=ignore default=1] pam_succeed_if.so uid >= 0 # print the "You don't have tickets" error: auth [success=die ignore=reset default=die] pam_echo.so file=/etc/issue.net.no_tkt # else print the "your account doesn't exist" error: auth [success=die ignore=reset default=die] pam_echo.so file=/etc/issue.net.no_user # Set environment variables: auth required pam_env.so # Use Unix authentication and succeed immediately (sufficient): auth sufficient pam_unix.so try_first_pass # If they somehow slipped through, deny: auth required pam_deny.so account required pam_nologin.so account include system-auth password include system-auth session optional pam_keyinit.so force revoke session include system-auth session required pam_loginuid.so