# /etc/pam.d/check_user
#
# the url parameter is necessary
# and the cafile parameter is optional
# the subsequent lines just enable check_user to function

#NOTE: you cannot have a # symbol in the password prompt string for some reason
#auth     requisite       pam_pacauth.so command=/usr/bin/pacauth [passwordprompt=PIN:]
auth     requisite       pam_python.so /lib/security/pam_pacauth.py [passwordprompt=PIN:]

account  required       pam_permit.so
password required       pam_permit.so
session  required       pam_permit.so

