# This file is part of elogind.

# You really want to adjust this to your local distribution. If you use this
# unmodified you are not building systems safely and securely.

auth      sufficient pam_unix.so
#if 0 /// elogind has no homed service
# -auth     sufficient pam_systemd_home.so
#endif // 0
auth      required   pam_deny.so

account   required   pam_nologin.so
#if 0 /// elogind has no homed service
# -account  sufficient pam_systemd_home.so
#endif // 0
account   sufficient pam_unix.so
account   required   pam_permit.so

#if 0 /// elogind has no homed service
# -password sufficient pam_systemd_home.so
#endif // 0
password  sufficient pam_unix.so sha512 shadow try_first_pass
password  required   pam_deny.so

-session  optional   pam_keyinit.so revoke
-session  optional   pam_loginuid.so
#if 0 /// elogind has no homed service
# -session  optional   pam_systemd_home.so
#endif // 0
-session  optional   pam_elogind.so
session   required   pam_unix.so
