I'm trying to understand the control keywords. I understand that if a
required management group fails, PAM will continue the remaining checks,
but will ultimately return a failure; I also understand that if a
requisite check fails, it will immediately return a failure. Here's my
question: Why
the 'required' is to make the authentication always behave the same,
i.e. if you are attempting to login as joe, but there is no user joe, if
login quits as soon as it sees joe, you are telling the potential
crackers that joe isn't a valid user name, don't bother with it. whereas
if it