Novell LINUX ENTERPRISE DESKTOP 10 SP2 - DEPLOYMENT GUIDE 08-05-2008 Deployment Manual page 517

24.3.2 pam_env.conf
This file can be used to define a standardized environment for users that is set whenever
the pam_env module is called. With it, preset environment variables using the following
syntax:
VARIABLE [DEFAULT=[value]]
VARIABLE
Name of the environment variable to set.
[DEFAULT=[value]]
Default value the administrator wants set.
[OVERRIDE=[value]]
Values that may be queried and set by pam_env, overriding the default value.
A typical example of how pam_env can be used is the adaptation of the DISPLAY
variable, which is changed whenever a remote login takes place. This is shown in
ample 24.7, "pam_env.conf"
Example 24.7 pam_env.conf
REMOTEHOST DEFAULT=localhost OVERRIDE=@{PAM_RHOST}
DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY}
The first line sets the value of the REMOTEHOST variable to localhost, which is
used whenever pam_env cannot determine any other value. The DISPLAY variable
in turn contains the value of REMOTEHOST. Find more information in the comments
in the file /etc/security/pam_env.conf.
24.3.3 pam_pwcheck.conf
This configuration file is for the pam_pwcheck module, which reads options from it
for all password type modules. Settings stored in this file take precedence over the
PAM settings of an individual application. If application-specific settings have not been
defined, the application uses the global settings.
(page 502) tells pam_pwcheck to allow empty passwords and modification of pass-
words. More options for the module are mentioned in the file /etc/security/pam
_pwcheck.conf.
[OVERRIDE=[value]]
(page 501).
Example 24.8, "pam_pwcheck.conf"
Ex-
Authentication with PAM 501