#%PAM-1.0
# For root login to succeed here with pam_securetty, "kshell" must be
# listed in /etc/securetty.
auth       required     pam_nologin.so
auth       required     pam_securetty.so
auth       required     pam_env.so
auth       required     pam_rhosts.so
account    include      system-auth
# pam_selinux.so close should be the first session rule
session    required     pam_selinux.so close
session    optional     pam_keyinit.so force revoke
session    include      system-auth
# pam_selinux.so open should only be called for sessions to be executed in the user context
session    required     pam_loginuid.so
session    required     pam_selinux.so open