auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.login onerr=succeed
auth required pam_securetty.so
auth include system-auth
+auth include postlogin
account required pam_shells.so
account required pam_nologin.so
account required pam_access.so
password include system-auth
# pam_selinux.so close should be the first session rule
# session required pam_selinux.so close
+session required pam_loginuid.so
session include system-auth
+session include postlogin
session optional pam_console.so
session optional pam_mail.so
+#session optional pam_motd.so motd=/etc/motd
# pam_selinux.so open should only be followed by sessions to be executed in the user context
#session required pam_selinux.so open
#session optional pam_keyinit.so force revoke
-session optional pam_ck_connector.so
+-session optional pam_ck_connector.so