From 3086fd516f898b6c3ae1ccf65e1e1b1e07a3bfe9 Mon Sep 17 00:00:00 2001 From: Timothy Pearson Date: Thu, 22 Sep 2016 11:18:25 -0500 Subject: Remove invalid PAM option --- src/libtdeldap.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp index 2ba3923..6d78cf7 100644 --- a/src/libtdeldap.cpp +++ b/src/libtdeldap.cpp @@ -5086,7 +5086,7 @@ int LDAPManager::writePAMFiles(LDAPPamConfig pamConfig, TQString *errstr) { stream << "auth [default=ignore success=done new_authtok_reqd=done service_err=reset] pam_krb5.so ccache=/tmp/krb5cc_%u use_first_pass" << "\n"; } if (pamConfig.enable_pkcs11_login) { - stream << "auth [default=ignore success=done new_authtok_reqd=done service_err=reset] pam_krb5.so use_first_pass first_pass_is_pin no_prompt try_pkinit" << "\n"; + stream << "auth [default=ignore success=done new_authtok_reqd=done service_err=reset] pam_krb5.so use_first_pass no_prompt try_pkinit" << "\n"; stream << "auth [default=ignore success=done new_authtok_reqd=done] pam_pkcs11.so use_first_pass" << "\n"; } stream << "auth required pam_deny.so" << "\n"; -- cgit v1.2.1