The primitive view of the stack discussed in the previous section is that a module can either return OK/success or not-OK/failure. Some answers are more important than others, and the control flags can change the flow and how decisions are made. The control flags are listed in the second or third column in the configuration file depending on whether the /etc/pam.d
or /etc/pam.conf
style of configuration is used.
The following control flags are addressed in the following sections:
Requisite
Required
Sufficient
Optional
In particular Solaris (version 8 and later) has a much richer set of control flags.