Why do we need `required` when we have `requisite` in `PAM`?

linux authentication pam

I was wondering why do we need required in PAM when we have requisite. I know that required will allow to keep going through auth stack, but the authentication process will fail anyway finally. So why not simply to use requisite?

Is that for security reasons maybe? or is there anything else I am missing? In that case, so let's make the question the opposite, when do we need requisite instead of required?


Differentiating between required and requisite gives additional flexibility in PAM configuration. As you note, once the authentication is known to fail, in many cases there is no point in continuing further. As an example, suppose we are maintaining a log of all attempts to access the resource in question. In this case, it could be useful to include directives that can add to the logs after the authentication result is known (or trigger other actions, such as informing the sysadmin of the attempt). required will ensure the authentication fails, while still allowing subsequent actions to take place.

Related

Using rsync on WSL (Bash for Windows 10) for incremental backups
Initial Testing of New Hard Drives in Linux
Shadow Copy With Storage Spaces?
How to fix broken Windows user profile after latest Win10 pro upgrade?
Get a Telegram notification only when a word is used on a channel [closed]
chown: /usr/local: Operation not permitted
Postfix and Spamassassin don't start on boot after Ubuntu 16.04 upgrade
Bash script: Create a screen session and execute a command in it
Loop over json files inside subdirectories
How to disable hyperlink security notice in OneNote 2016?
Unable to resolve dependency for libpango-1.0-0 in 12.04
`cd` not working if used in bash script [duplicate]