[gdm] Add Arch Linux PAM config files

From: Javier Jardón Cabezas <jjardon src gnome org>
To: commits-list gnome org
Cc:
Subject: [gdm] Add Arch Linux PAM config files
Date: Tue, 10 Nov 2015 14:56:20 +0000 (UTC)
commit 7caae964d1634d179c6936ddeb46af8172c4e348
Author: Jan Alexander Steffens (heftig) <jan steffens gmail com>
Date:   Thu Oct 9 00:55:31 2014 +0200

    Add Arch Linux PAM config files

 configure.ac                             |    6 ++++--
 data/Makefile.am                         |   12 ++++++++++++
 data/pam-arch/gdm-autologin.pam          |   10 ++++++++++
 data/pam-arch/gdm-fingerprint.pam        |   14 ++++++++++++++
 data/pam-arch/gdm-launch-environment.pam |   10 ++++++++++
 data/pam-arch/gdm-password.pam           |   11 +++++++++++
 data/pam-arch/gdm-pin.pam                |   13 +++++++++++++
 data/pam-arch/gdm-smartcard.pam          |   14 ++++++++++++++
 8 files changed, 88 insertions(+), 2 deletions(-)
---
diff --git a/configure.ac b/configure.ac
index 90af1c0..ab31ba5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -195,12 +195,13 @@ if test x$enable_split_authentication = xyes; then
 fi
 
 AC_ARG_WITH(default-pam-config,
-           AS_HELP_STRING([--with-default-pam-config: One of redhat, openembedded, exherbo, lfs, none 
@<:@default=auto@:>@]))
+           AS_HELP_STRING([--with-default-pam-config: One of redhat, openembedded, exherbo, lfs, arch, none 
@<:@default=auto@:>@]))
 dnl If not given, try autodetecting from release files (see NetworkManager source) 
 if test x$with_default_pam_config = x; then
        AC_CHECK_FILE(/etc/redhat-release,with_default_pam_config="redhat")
        AC_CHECK_FILE(/etc/fedora-release,with_default_pam_config="redhat")
        AC_CHECK_FILE(/etc/exherbo-release,with_default_pam_config="exherbo")
+       AC_CHECK_FILE(/etc/arch-release,with_default_pam_config="arch")
        AC_CHECK_FILE(/etc/lfs-release,with_default_pam_config="lfs")
        dnl If not autodetected, default to none
        if test x$with_default_pam_config = x; then
@@ -208,7 +209,7 @@ if test x$with_default_pam_config = x; then
        fi
 fi
 case x$with_default_pam_config in
-     xredhat|xopenembedded|xexherbo|xlfs|xnone) ;;
+     xredhat|xopenembedded|xexherbo|xlfs|xarch|xnone) ;;
      *)
        AC_MSG_ERROR([Invalid --with-default-pam-config ${with_default_pam_config}])
        exit 1
@@ -218,6 +219,7 @@ AM_CONDITIONAL(ENABLE_REDHAT_PAM_CONFIG, test x$with_default_pam_config = xredha
 AM_CONDITIONAL(ENABLE_OPENEMBEDDED_PAM_CONFIG, test x$with_default_pam_config = xopenembedded)
 AM_CONDITIONAL(ENABLE_EXHERBO_PAM_CONFIG, test x$with_default_pam_config = xexherbo)
 AM_CONDITIONAL(ENABLE_LFS_PAM_CONFIG, test x$with_default_pam_config = xlfs)
+AM_CONDITIONAL(ENABLE_ARCH_PAM_CONFIG, test x$with_default_pam_config = xarch)
 
 AC_ARG_ENABLE(console-helper,
              AS_HELP_STRING([--enable-console-helper],
diff --git a/data/Makefile.am b/data/Makefile.am
index 81cde22..2ad4d26 100644
--- a/data/Makefile.am
+++ b/data/Makefile.am
@@ -125,6 +125,15 @@ pam_lfs_files = pam-lfs/gdm.pam                    \
        $(NULL)
 EXTRA_DIST += $(pam_lfs_files)
 
+pam_arch_files = pam-arch/gdm-autologin.pam    \
+       pam-arch/gdm-launch-environment.pam     \
+       pam-arch/gdm-fingerprint.pam            \
+       pam-arch/gdm-smartcard.pam              \
+       pam-arch/gdm-password.pam               \
+       pam-arch/gdm-pin.pam                    \
+       $(NULL)
+EXTRA_DIST += $(pam_arch_files)
+
 if ENABLE_REDHAT_PAM_CONFIG
 pam_files = $(pam_redhat_files)
 endif
@@ -137,6 +146,9 @@ endif
 if ENABLE_LFS_PAM_CONFIG
 pam_files = $(pam_lfs_files)
 endif
+if ENABLE_ARCH_PAM_CONFIG
+pam_files = $(pam_arch_files)
+endif
 
 EXTRA_DIST +=                  \
        $(dconf_db_files)       \
diff --git a/data/pam-arch/gdm-autologin.pam b/data/pam-arch/gdm-autologin.pam
new file mode 100644
index 0000000..9f45c65
--- /dev/null
+++ b/data/pam-arch/gdm-autologin.pam
@@ -0,0 +1,10 @@
+auth     requisite pam_nologin.so
+auth     required  pam_env.so
+auth     optional  pam_permit.so
+
+account  include   system-local-login
+
+password include   system-local-login
+
+session  optional  pam_keyinit.so force revoke
+session  include   system-local-login
diff --git a/data/pam-arch/gdm-fingerprint.pam b/data/pam-arch/gdm-fingerprint.pam
new file mode 100644
index 0000000..a480861
--- /dev/null
+++ b/data/pam-arch/gdm-fingerprint.pam
@@ -0,0 +1,14 @@
+auth     required  pam_tally.so onerr=succeed file=/var/log/faillog
+auth     required  pam_shells.so
+auth     requisite pam_nologin.so
+auth     required  pam_env.so
+auth     required  pam_fprintd.so
+auth     optional  pam_permit.so
+
+account  include   system-local-login
+
+password required  pam_fprintd.so
+password optional  pam_permit.so
+
+session  optional  pam_keyinit.so force revoke
+session  include   system-local-login
diff --git a/data/pam-arch/gdm-launch-environment.pam b/data/pam-arch/gdm-launch-environment.pam
new file mode 100644
index 0000000..618a7d3
--- /dev/null
+++ b/data/pam-arch/gdm-launch-environment.pam
@@ -0,0 +1,10 @@
+auth     required  pam_env.so
+auth     optional  pam_permit.so
+
+account  include   system-local-login
+
+password required  pam_deny.so
+
+session  optional  pam_keyinit.so force revoke
+session  required  pam_systemd.so
+session  optional  pam_permit.so
diff --git a/data/pam-arch/gdm-password.pam b/data/pam-arch/gdm-password.pam
new file mode 100644
index 0000000..8d34794
--- /dev/null
+++ b/data/pam-arch/gdm-password.pam
@@ -0,0 +1,11 @@
+auth     include   system-local-login
+auth     optional  pam_gnome_keyring.so
+
+account  include   system-local-login
+
+password include   system-local-login
+password optional  pam_gnome_keyring.so use_authtok
+
+session  optional  pam_keyinit.so force revoke
+session  include   system-local-login
+session  optional  pam_gnome_keyring.so auto_start
diff --git a/data/pam-arch/gdm-pin.pam b/data/pam-arch/gdm-pin.pam
new file mode 100644
index 0000000..135e205
--- /dev/null
+++ b/data/pam-arch/gdm-pin.pam
@@ -0,0 +1,13 @@
+auth     requisite pam_pin.so
+auth     include   system-local-login
+auth     optional  pam_gnome_keyring.so
+
+account  include   system-local-login
+
+password include   system-local-login
+password optional  pam_pin.so
+password optional  pam_gnome_keyring.so use_authtok
+
+session  optional  pam_keyinit.so force revoke
+session  include   system-local-login
+session  optional  pam_gnome_keyring.so auto_start
diff --git a/data/pam-arch/gdm-smartcard.pam b/data/pam-arch/gdm-smartcard.pam
new file mode 100644
index 0000000..ec6f75d
--- /dev/null
+++ b/data/pam-arch/gdm-smartcard.pam
@@ -0,0 +1,14 @@
+auth     required  pam_tally.so onerr=succeed file=/var/log/faillog
+auth     required  pam_shells.so
+auth     requisite pam_nologin.so
+auth     required  pam_env.so
+auth     required  pam_pkcs11.so wait_for_card card_only
+auth     optional  pam_permit.so
+
+account  include   system-local-login
+
+password required  pam_pkcs11.so
+password optional  pam_permit.so
+
+session  optional  pam_keyinit.so force revoke
+session  include   system-local-login
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]