f422da8599
Add support for the openSUSE Leap distributions. The security rules are similar to the RedHat and Ubuntu ones. We also replace ansible_os_family with ansible_pkg_mgr since the former does not return consistent results across different SUSE distributions especially on older Ansible versions. Change-Id: I20ffe17039bb641aad70d8123f0b7e7417a42cba
15 lines
540 B
ReStructuredText
15 lines
540 B
ReStructuredText
---
|
|
id: V-72275
|
|
status: verification only
|
|
tag: auth
|
|
---
|
|
|
|
The PAM configuration is checked for the presence of ``pam_lastlogin`` and a
|
|
warning message is printed if the directive is not found. The tasks in the
|
|
security role do not adjust PAM configurations since these changes might be
|
|
disruptive in some environments.
|
|
|
|
Deployers should review their PAM configurations and add ``pam_lastlogin`` to
|
|
``/etc/pam.d/postlogin`` on CentOS and Red Hat Enterprise Linux or to
|
|
``/etc/pam.d/login`` on Ubuntu, openSUSE Leap and SUSE Linux Enterprise.
|