31 lines
837 B
YAML
31 lines
837 B
YAML
os_packages_pam_ccreds: 'libpam-ccreds'
|
|
os_packages_pam_passwdqc: 'libpam-passwdqc'
|
|
os_packages_pam_cracklib: 'libpam-cracklib'
|
|
passwdqc_path: '/usr/share/pam-configs/passwdqc'
|
|
tally2_path: '/usr/share/pam-configs/tally2'
|
|
os_nologin_shell_path: '/usr/sbin/nologin'
|
|
|
|
auditd_package: 'auditd'
|
|
modprobe_package: 'kmod'
|
|
|
|
# Different distros use different standards for /etc/shadow perms, e.g.
|
|
# RHEL derivatives use root:root 0000, whereas Debian-based use root:shadow 0640.
|
|
# You must provide key/value pairs for owner, group, and mode if overriding.
|
|
os_shadow_perms:
|
|
owner: root
|
|
group: shadow
|
|
mode: '0640'
|
|
|
|
os_passwd_perms:
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
|
|
os_env_umask: '027'
|
|
|
|
os_auth_uid_min: 1000
|
|
os_auth_gid_min: 1000
|
|
os_auth_sys_uid_min: 100
|
|
os_auth_sys_uid_max: 999
|
|
os_auth_sys_gid_min: 100
|
|
os_auth_sys_gid_max: 999
|