[gdm: 2/3] pam-arch: Restrict greeter service to the gdm user

From: Ray Strode <halfline src gnome org>
To: commits-list gnome org
Cc:
Subject: [gdm: 2/3] pam-arch: Restrict greeter service to the gdm user
Date: Wed, 15 Jul 2020 20:30:30 +0000 (UTC)

commit 130d09b8e7ed356f728fc6b67a71633ab018a83a
Author: Jan Alexander Steffens (heftig) <jan steffens gmail com>
Date:   Tue Sep 10 20:41:10 2019 +0000

    pam-arch: Restrict greeter service to the gdm user
    
    Copied from pam-exherbo.

 data/pam-arch/gdm-launch-environment.pam | 3 +++
 1 file changed, 3 insertions(+)
---
diff --git a/data/pam-arch/gdm-launch-environment.pam b/data/pam-arch/gdm-launch-environment.pam
index 895214725..d59c9cb99 100644
--- a/data/pam-arch/gdm-launch-environment.pam
+++ b/data/pam-arch/gdm-launch-environment.pam
@@ -1,10 +1,13 @@
 auth     required  pam_env.so
+auth     required  pam_succeed_if.so audit quiet_success user = gdm
 auth     optional  pam_permit.so
 
+account  required  pam_succeed_if.so audit quiet_success user = gdm
 account  optional  pam_permit.so
 
 password required  pam_deny.so
 
 session  optional  pam_keyinit.so force revoke
+session  required  pam_succeed_if.so audit quiet_success user = gdm
 session  required  pam_systemd.so
 session  optional  pam_permit.so

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]