#%PAM-1.0
#
# Managed by Salt
#
# Account-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of the account modules that define
# the central access policy for use on the system.  The default is to
# only deny service to users whose accounts are expired.
#
account	requisite	pam_unix.so	try_first_pass
account	sufficient	pam_localuser.so
account	required	pam_sss.so	use_first_pass