{{{ oval_metadata("SSSD should be configured to authenticate access to the system using smart cards.", rule_title=rule_title) }}} {{% if product in ["fedora", "ol8", "ol9"] or 'rhel' in product %}} {{% endif %}} {{% if product in ["ol8", "ol9", "rhel8", "rhel9"] %}} {{% endif %}} /etc/sssd/(sssd\.conf|conf.d/[^/]+\.conf) ^[\s]*\[pam](?:[^\n\[]*\n+)+?[\s]*pam_cert_auth[\s]*=[\s]*(\w+)\s*$ 1 (?i)true {{% if product in ["fedora", "ol8", "ol9"] or 'rhel' in product %}} /etc/pam.d/smartcard-auth ^\s*auth.*?pam_sss\.so(.*) 1 ^.*allow_missing_name.*$ {{% endif %}} {{% if product in ["ol8", "ol9", "rhel8", "rhel9"] %}} /etc/pam.d/system-auth ^\s*auth.*?pam_sss\.so(.*) 1 ^.*(try_cert_auth|require_cert_auth).*$ {{% endif %}}