RHEL4 Upgrade 3 /etc/pam.d/common-account needed?
We are doing a security audit of the lab I work at and one of the problems I was given to solve was if the /etc/pam.d/common-account file needs to be in our pam.d setup. Also if so, what it should contain.
After researching a little it seems to me that this module will perform common checks on all accounts that log into the system, i.e. if the account is still valid, password has expired, and any other global checks / restrictions.
This leads me to believe that the file should be included and a good content would be:
'account required /lib/security/pam_unix.so'
I was wondering if anyone could agree with me or offer any suggestions.
Thank you in advance for any guidance.
ned
|