Fixes pam authentication when dealing with virtual users

2016-02-07 03:48:44 +01:00 · 2016-02-07 03:48:44 +01:00 · 10dd404159
commit 10dd404159
parent 607063b358
1 changed files with 4 additions and 1 deletions
--- a/otp/openvpn
+++ b/otp/openvpn
@ -2,3 +2,6 @@
 # User root is required to stick with an hardcoded user when trying to determine user id and allow unexisting system users
 # See https://github.com/google/google-authenticator/tree/master/libpam#secretpathtosecretfile--usersome-user
 auth required pam_google_authenticator.so secret=/etc/openvpn/otp/${USER}.google_authenticator user=root
+
+# Accept any user since we're dealing with virtual users there's no need to have a system account (pam_unix.so)
+account sufficient pam_permit.so