Re: [gdm-list] gdm-list Digest, Vol 96, Issue 5
- From: "John D. Hendrickson and Sara Darnell" <johnandsara2 cox net>
- To: gdm-list gnome org
- Subject: Re: [gdm-list] gdm-list Digest, Vol 96, Issue 5
- Date: Thu, 15 Aug 2013 16:41:11 -0400
why is gdm getting allot of pam patching ?
was pam and gdm not doing the job of log-in properly already ?
with so many pam and gdm hacks can anyone tell if it's fixed , with
varied uses (ie, linux distros) in mind ?
gdm-list-request gnome org wrote:
Send gdm-list mailing list submissions to
gdm-list gnome org
To subscribe or unsubscribe via the World Wide Web, visit
https://mail.gnome.org/mailman/listinfo/gdm-list
or, via email, send a message with subject or body 'help' to
gdm-list-request gnome org
You can reach the person managing the list at
gdm-list-owner gnome org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of gdm-list digest..."
Today's Topics:
1. [PATCH] data/pam-lfs: update for latest systemd/PAM changes
(Armin K)
----------------------------------------------------------------------
Message: 1
Date: Wed, 31 Jul 2013 02:04:55 +0200
From: Armin K <krejzi email com>
To: gdm-list gnome org
Subject: [gdm-list] [PATCH] data/pam-lfs: update for latest
systemd/PAM changes
Message-ID: <1375229095-27451-1-git-send-email-krejzi email com>
---
data/pam-lfs/gdm-autologin.pam | 1 -
data/pam-lfs/gdm-fingerprint.pam | 6 ++----
data/pam-lfs/gdm-launch-environment.pam | 9 ++++++---
data/pam-lfs/gdm-password.pam | 3 +--
data/pam-lfs/gdm-pin.pam | 4 +---
data/pam-lfs/gdm-smartcard.pam | 5 +----
data/pam-lfs/gdm.pam | 3 +--
7 files changed, 12 insertions(+), 19 deletions(-)
diff --git a/data/pam-lfs/gdm-autologin.pam b/data/pam-lfs/gdm-autologin.pam
index 42ea4d3..13ac13a 100644
--- a/data/pam-lfs/gdm-autologin.pam
+++ b/data/pam-lfs/gdm-autologin.pam
@@ -7,7 +7,6 @@ auth required pam_succeed_if.so uid >= 1000 quiet
auth required pam_permit.so
account include system-account
-
password include system-password
session optional pam_keyinit.so revoke
diff --git a/data/pam-lfs/gdm-fingerprint.pam b/data/pam-lfs/gdm-fingerprint.pam
index 5818645..f004882 100644
--- a/data/pam-lfs/gdm-fingerprint.pam
+++ b/data/pam-lfs/gdm-fingerprint.pam
@@ -3,14 +3,12 @@
auth requisite pam_nologin.so
auth required pam_env.so
-auth requisite pam_fprintd.so
auth required pam_succeed_if.so uid >= 1000 quiet
-auth required pam_deny.so
+auth required pam_fprintd.so
auth optional pam_gnome_keyring.so
account include system-account
-
-password required pam_deny.so
+password required pam_fprintd.so
session optional pam_keyinit.so revoke
session required pam_limits.so
diff --git a/data/pam-lfs/gdm-launch-environment.pam b/data/pam-lfs/gdm-launch-environment.pam
index f9507a0..5846634 100644
--- a/data/pam-lfs/gdm-launch-environment.pam
+++ b/data/pam-lfs/gdm-launch-environment.pam
@@ -1,14 +1,17 @@
# Begin /etc/pam.d/gdm-launch-environment
+session required pam_succeed_if.so audit quiet_success user = gdm
auth required pam_env.so
-auth required pam_permit.so
+auth optional pam_permit.so
-account required pam_nologin.so
+account required pam_succeed_if.so audit quiet_success user = gdm
account include system-account
password required pam_deny.so
-session required pam_systemd.so kill-session-processes=1
+session required pam_succeed_if.so audit quiet_success user = gdm
+session required pam_systemd.so
session optional pam_keyinit.so force revoke
+session optional pam_permit.so
# End /etc/pam.d/gdm-launch-environment
diff --git a/data/pam-lfs/gdm-password.pam b/data/pam-lfs/gdm-password.pam
index 34ba17e..9b52a17 100644
--- a/data/pam-lfs/gdm-password.pam
+++ b/data/pam-lfs/gdm-password.pam
@@ -8,11 +8,10 @@ auth include system-auth
auth optional pam_gnome_keyring.so
account include system-account
+password include system-password
session required pam_limits.so
session include system-session
session optional pam_gnome_keyring.so auto_start
-password include system-password
-
# End /etc/pam.d/gdm-password
diff --git a/data/pam-lfs/gdm-pin.pam b/data/pam-lfs/gdm-pin.pam
index f265497..4c955c9 100644
--- a/data/pam-lfs/gdm-pin.pam
+++ b/data/pam-lfs/gdm-pin.pam
@@ -3,13 +3,11 @@
auth requisite pam_nologin.so
auth required pam_env.so
-auth requisite pam_pin.so
auth required pam_succeed_if.so uid >= 1000 quiet
-auth required pam_deny.so
+auth required pam_pin.so
auth optional pam_gnome_keyring.so
account include system-account
-
password required pam_pin.so
session required pam_limits.so
diff --git a/data/pam-lfs/gdm-smartcard.pam b/data/pam-lfs/gdm-smartcard.pam
index b9ae48b..f2c1b64 100644
--- a/data/pam-lfs/gdm-smartcard.pam
+++ b/data/pam-lfs/gdm-smartcard.pam
@@ -3,16 +3,13 @@
auth requisite pam_nologin.so
auth required pam_env.so
-auth requisite pam_pkcs11.so wait_for_card card_only
auth required pam_succeed_if.so uid >= 1000 quiet
-auth required pam_deny.so
+auth required pam_pkcs11.so wait_for_card card_only
auth optional pam_gnome_keyring.so
account include system-account
-
password required pam_pkcs11.so
-session optional pam_keyinit.so revoke
session required pam_limits.so
session include system-session
session optional pam_gnome_keyring.so auto_start
diff --git a/data/pam-lfs/gdm.pam b/data/pam-lfs/gdm.pam
index 4d26c43..26bab5b 100644
--- a/data/pam-lfs/gdm.pam
+++ b/data/pam-lfs/gdm.pam
@@ -8,11 +8,10 @@ auth include system-auth
auth optional pam_gnome_keyring.so
account include system-account
+password include system-password
session required pam_limits.so
session include system-session
session optional pam_gnome_keyring.so auto_start
-password include system-password
-
# End /etc/pam.d/gdm
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
