Template: libpam-runtime/profiles Type: multiselect Choices: ${profiles} Choices-C: ${profile_names} _Description: PAM profiles to enable: Pluggable Authentication Modules (PAM) determine how authentication, authorization, and password changing are handled on the system, as well as allowing configuration of additional actions to take when starting user sessions. . Some PAM module packages provide profiles that can be used to automatically adjust the behavior of all PAM-using applications on the system. Please indicate which of these behaviors you wish to enable. Template: libpam-runtime/conflicts Type: error #flag:translate!:3 #flag:comment:2 # This paragraph is followed by a (currently) non-translatable list of # PAM profile names. _Description: Incompatible PAM profiles selected. The following PAM profiles cannot be used together: . ${conflicts} . Please select a different set of modules to enable. Template: libpam-runtime/override Type: boolean Default: false _Description: Override local changes to /etc/pam.d/common-*? One or more of the files /etc/pam.d/common-{auth,account,password,session} have been locally modified. Please indicate whether these local changes should be overridden using the system-provided configuration. If you decline this option, you will need to manage your system's authentication configuration by hand. Template: libpam-runtime/no_profiles_chosen Type: error _Description: No PAM profiles have been selected. No PAM profiles have been selected for use on this system. This would grant all users access without authenticating, and is not allowed. Please select at least one PAM profile from the available list. Template: libpam-runtime/you-had-no-auth Type: error #flag:translate!:3 _Description: Your system allowed access without a password! A bug in a previous version of libpam-runtime resulted in no PAM profiles being selected for use on this system. As a result, access was allowed for a time to all accounts on your system, with or without a correct password. Especially if this system can be accessed from the Internet, it is likely that it has been compromised. Unless you are familiar with recovering from security failures, viruses, and malicious software, you should re-install this system from scratch or obtain the services of a skilled system administrator. For more information, see: . http://www.debian.org/security/pam-auth . The bug that allowed this wrong configuration is fixed in the current version of libpam-runtime, and your configuration has now been corrected. We apologize that previous versions of libpam-runtime did not detect and prevent this situation.