#%PAM-1.0
auth    required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
auth    required pam_shells.so
auth    include  system-auth
account required pam_nologin.so
account include  system-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session optional pam_keyinit.so force revoke
session include  system-auth
# pam_selinux.so open should only be called for sessions to be executed in the user context
session required pam_loginuid.so
session required pam_selinux.so open