[gdm-list] [PATCH] data/pam-lfs: update for latest systemd/PAM changes



---
 data/pam-lfs/gdm-autologin.pam          | 1 -
 data/pam-lfs/gdm-fingerprint.pam        | 6 ++----
 data/pam-lfs/gdm-launch-environment.pam | 9 ++++++---
 data/pam-lfs/gdm-password.pam           | 3 +--
 data/pam-lfs/gdm-pin.pam                | 4 +---
 data/pam-lfs/gdm-smartcard.pam          | 5 +----
 data/pam-lfs/gdm.pam                    | 3 +--
 7 files changed, 12 insertions(+), 19 deletions(-)

diff --git a/data/pam-lfs/gdm-autologin.pam b/data/pam-lfs/gdm-autologin.pam
index 42ea4d3..13ac13a 100644
--- a/data/pam-lfs/gdm-autologin.pam
+++ b/data/pam-lfs/gdm-autologin.pam
@@ -7,7 +7,6 @@ auth     required       pam_succeed_if.so uid >= 1000 quiet
 auth     required       pam_permit.so
 
 account  include        system-account
-
 password include        system-password
 
 session  optional       pam_keyinit.so revoke
diff --git a/data/pam-lfs/gdm-fingerprint.pam b/data/pam-lfs/gdm-fingerprint.pam
index 5818645..f004882 100644
--- a/data/pam-lfs/gdm-fingerprint.pam
+++ b/data/pam-lfs/gdm-fingerprint.pam
@@ -3,14 +3,12 @@
 auth     requisite      pam_nologin.so
 auth     required       pam_env.so
 
-auth     requisite      pam_fprintd.so
 auth     required       pam_succeed_if.so uid >= 1000 quiet
-auth     required       pam_deny.so
+auth     required       pam_fprintd.so
 auth     optional       pam_gnome_keyring.so
 
 account  include        system-account
-
-password required       pam_deny.so
+password required       pam_fprintd.so
 
 session  optional       pam_keyinit.so revoke
 session  required       pam_limits.so
diff --git a/data/pam-lfs/gdm-launch-environment.pam b/data/pam-lfs/gdm-launch-environment.pam
index f9507a0..5846634 100644
--- a/data/pam-lfs/gdm-launch-environment.pam
+++ b/data/pam-lfs/gdm-launch-environment.pam
@@ -1,14 +1,17 @@
 # Begin /etc/pam.d/gdm-launch-environment
 
+session  required       pam_succeed_if.so audit quiet_success user = gdm
 auth     required       pam_env.so
-auth     required       pam_permit.so
+auth     optional       pam_permit.so
 
-account  required       pam_nologin.so
+account  required       pam_succeed_if.so audit quiet_success user = gdm
 account  include        system-account
 
 password required       pam_deny.so
 
-session  required       pam_systemd.so kill-session-processes=1
+session  required       pam_succeed_if.so audit quiet_success user = gdm
+session  required       pam_systemd.so
 session  optional       pam_keyinit.so force revoke
+session  optional       pam_permit.so
 
 # End /etc/pam.d/gdm-launch-environment
diff --git a/data/pam-lfs/gdm-password.pam b/data/pam-lfs/gdm-password.pam
index 34ba17e..9b52a17 100644
--- a/data/pam-lfs/gdm-password.pam
+++ b/data/pam-lfs/gdm-password.pam
@@ -8,11 +8,10 @@ auth     include        system-auth
 auth     optional       pam_gnome_keyring.so
 
 account  include        system-account
+password include        system-password
 
 session  required       pam_limits.so
 session  include        system-session
 session  optional       pam_gnome_keyring.so auto_start
 
-password include        system-password
-
 # End /etc/pam.d/gdm-password
diff --git a/data/pam-lfs/gdm-pin.pam b/data/pam-lfs/gdm-pin.pam
index f265497..4c955c9 100644
--- a/data/pam-lfs/gdm-pin.pam
+++ b/data/pam-lfs/gdm-pin.pam
@@ -3,13 +3,11 @@
 auth     requisite      pam_nologin.so
 auth     required       pam_env.so
 
-auth     requisite      pam_pin.so
 auth     required       pam_succeed_if.so uid >= 1000 quiet
-auth     required       pam_deny.so
+auth     required       pam_pin.so
 auth     optional       pam_gnome_keyring.so
 
 account  include        system-account
-
 password required       pam_pin.so
 
 session  required       pam_limits.so
diff --git a/data/pam-lfs/gdm-smartcard.pam b/data/pam-lfs/gdm-smartcard.pam
index b9ae48b..f2c1b64 100644
--- a/data/pam-lfs/gdm-smartcard.pam
+++ b/data/pam-lfs/gdm-smartcard.pam
@@ -3,16 +3,13 @@
 auth     requisite      pam_nologin.so
 auth     required       pam_env.so
 
-auth     requisite      pam_pkcs11.so wait_for_card card_only
 auth     required       pam_succeed_if.so uid >= 1000 quiet
-auth     required       pam_deny.so
+auth     required       pam_pkcs11.so wait_for_card card_only
 auth     optional       pam_gnome_keyring.so
 
 account  include        system-account
-
 password required       pam_pkcs11.so
 
-session  optional       pam_keyinit.so revoke
 session  required       pam_limits.so
 session  include        system-session
 session  optional       pam_gnome_keyring.so auto_start
diff --git a/data/pam-lfs/gdm.pam b/data/pam-lfs/gdm.pam
index 4d26c43..26bab5b 100644
--- a/data/pam-lfs/gdm.pam
+++ b/data/pam-lfs/gdm.pam
@@ -8,11 +8,10 @@ auth     include        system-auth
 auth     optional       pam_gnome_keyring.so
 
 account  include        system-account
+password include        system-password
 
 session  required       pam_limits.so
 session  include        system-session
 session  optional       pam_gnome_keyring.so auto_start
 
-password include        system-password
-
 # End /etc/pam.d/gdm
-- 
1.8.3.4



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]