import-layers/yocto-poky/meta/recipes-extended/pam/libpam/pam.d/common-auth - openbmc/openbmc - Gitiles

 #
 # /etc/pam.d/common-auth - authentication settings common to all services
 #
 # This file is included from other service-specific PAM config files,
 # and should contain a list of the authentication modules that define
 # the central authentication scheme for use on the system
 # (e.g., /etc/shadow, LDAP, Kerberos, etc.).  The default is to use the
 # traditional Unix authentication mechanisms.

 # here are the per-package modules (the "Primary" block)
 auth	[success=1 default=ignore]	pam_unix.so nullok_secure
 # here's the fallback if no module succeeds
 auth	requisite			pam_deny.so
 # prime the stack with a positive return value if there isn't one already;
 # this avoids us returning an error just because nothing sets a success code
 # since the modules above will each just jump around
 auth	required			pam_permit.so
 # and here are more per-package modules (the "Additional" block)
	#
	# /etc/pam.d/common-auth - authentication settings common to all services
	#
	# This file is included from other service-specific PAM config files,
	# and should contain a list of the authentication modules that define
	# the central authentication scheme for use on the system
	# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
	# traditional Unix authentication mechanisms.

	# here are the per-package modules (the "Primary" block)
	auth [success=1 default=ignore] pam_unix.so nullok_secure
	# here's the fallback if no module succeeds
	auth requisite pam_deny.so
	# prime the stack with a positive return value if there isn't one already;
	# this avoids us returning an error just because nothing sets a success code
	# since the modules above will each just jump around
	auth required pam_permit.so
	# and here are more per-package modules (the "Additional" block)