diff options
Diffstat (limited to 'install-files/gnome')
-rw-r--r-- | install-files/gnome/etc/pam.d/gdm | 15 | ||||
-rw-r--r-- | install-files/gnome/etc/pam.d/gdm-autologin | 17 | ||||
-rw-r--r-- | install-files/gnome/etc/pam.d/gdm-launch-environment | 11 | ||||
-rw-r--r-- | install-files/gnome/etc/pam.d/gdm-password | 24 | ||||
-rw-r--r-- | install-files/gnome/etc/pam.d/passwd | 10 | ||||
-rw-r--r-- | install-files/gnome/etc/pam.d/system-auth | 19 | ||||
-rw-r--r-- | install-files/gnome/etc/securetty | 8 | ||||
-rw-r--r-- | install-files/gnome/etc/ssh/sshd_config | 135 | ||||
-rw-r--r-- | install-files/gnome/manifest | 9 | ||||
-rw-r--r-- | install-files/gnome/usr/share/polkit-1/rules.d/geoclue-2.0.rules | 7 |
10 files changed, 0 insertions, 255 deletions
diff --git a/install-files/gnome/etc/pam.d/gdm b/install-files/gnome/etc/pam.d/gdm deleted file mode 100644 index 42036102..00000000 --- a/install-files/gnome/etc/pam.d/gdm +++ /dev/null @@ -1,15 +0,0 @@ -# Baserock customized /etc/pam.d/gdm -# - -auth requisite pam_nologin.so -auth required pam_env.so - -auth required pam_succeed_if.so uid >= 1000 quiet -auth include system-auth - -account include system-auth -password include system-auth - -session optional pam_keyinit.so force revoke -session include system-auth -session required pam_loginuid.so diff --git a/install-files/gnome/etc/pam.d/gdm-autologin b/install-files/gnome/etc/pam.d/gdm-autologin deleted file mode 100644 index c99449ac..00000000 --- a/install-files/gnome/etc/pam.d/gdm-autologin +++ /dev/null @@ -1,17 +0,0 @@ -# Baserock customized /etc/pam.d/gdm-autologin -# - -auth requisite pam_nologin.so -auth required pam_env.so - -auth required pam_succeed_if.so uid >= 1000 quiet -auth required pam_permit.so -auth optional pam_gnome_keyring.so - -account include system-auth -password include system-auth - -session required pam_loginuid.so -session optional pam_keyinit.so force revoke -session required pam_namespace.so -session include system-auth diff --git a/install-files/gnome/etc/pam.d/gdm-launch-environment b/install-files/gnome/etc/pam.d/gdm-launch-environment deleted file mode 100644 index f63c80fa..00000000 --- a/install-files/gnome/etc/pam.d/gdm-launch-environment +++ /dev/null @@ -1,11 +0,0 @@ -# Baserock customized /etc/pam.d/gdm-launch-environment -# - -auth required pam_env.so -auth optional pam_permit.so - -account include system-auth -password include system-auth - -session optional pam_keyinit.so force revoke -session include system-auth diff --git a/install-files/gnome/etc/pam.d/gdm-password b/install-files/gnome/etc/pam.d/gdm-password deleted file mode 100644 index 798d40a6..00000000 --- a/install-files/gnome/etc/pam.d/gdm-password +++ /dev/null @@ -1,24 +0,0 @@ -# Baserock customized /etc/pam.d/gdm-password -# -# This configuration ensures that the default keyring -# is unlocked at gdm login time, and also that the -# authentication token is used to update the keyring -# when the password is set. - -auth requisite pam_nologin.so -auth required pam_env.so - -auth required pam_succeed_if.so uid >= 1000 quiet -auth substack system-auth -auth optional pam_gnome_keyring.so - -account include system-auth -password substack system-auth -password optional pam_gnome_keyring.so use_authtok - -session required pam_limits.so -session required pam_loginuid.so -session optional pam_keyinit.so force revoke -session required pam_namespace.so -session substack system-auth -session optional pam_gnome_keyring.so auto_start diff --git a/install-files/gnome/etc/pam.d/passwd b/install-files/gnome/etc/pam.d/passwd deleted file mode 100644 index e0c98057..00000000 --- a/install-files/gnome/etc/pam.d/passwd +++ /dev/null @@ -1,10 +0,0 @@ -# Baserock customized /etc/pam.d/passwd -# -# This configuration ensures authentication token -# is used to update the keyring when the password is set -# using the regular passwd mechanism - -auth include system-auth -account include system-auth -password substack system-auth -password optional pam_gnome_keyring.so use_authtok diff --git a/install-files/gnome/etc/pam.d/system-auth b/install-files/gnome/etc/pam.d/system-auth deleted file mode 100644 index 73d3968c..00000000 --- a/install-files/gnome/etc/pam.d/system-auth +++ /dev/null @@ -1,19 +0,0 @@ -# Baserock customized /etc/pam.d/system-auth -# -# This configuration is modified from the upstream -# systemd provided file mostly because the upstream file -# tries to pass the invalid 'try_authtok' option to the -# pam_unix.so module. - -auth sufficient pam_unix.so nullok try_first_pass -auth requisite pam_deny.so - -account required pam_nologin.so -account sufficient pam_unix.so - -password sufficient pam_unix.so nullok sha512 shadow try_first_pass -password required pam_deny.so - --session optional pam_loginuid.so --session optional pam_systemd.so -session sufficient pam_unix.so diff --git a/install-files/gnome/etc/securetty b/install-files/gnome/etc/securetty deleted file mode 100644 index e3dfb6c4..00000000 --- a/install-files/gnome/etc/securetty +++ /dev/null @@ -1,8 +0,0 @@ -tty1 -#tty2 -#tty3 -#tty4 -#tty5 -#tty6 -#tty7 -#tty8 diff --git a/install-files/gnome/etc/ssh/sshd_config b/install-files/gnome/etc/ssh/sshd_config deleted file mode 100644 index aaab3cca..00000000 --- a/install-files/gnome/etc/ssh/sshd_config +++ /dev/null @@ -1,135 +0,0 @@ -# $OpenBSD: sshd_config,v 1.93 2014/01/10 05:59:19 djm Exp $ - -# This is the sshd server system-wide configuration file. See -# sshd_config(5) for more information. - -# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin - -# The strategy used for options in the default sshd_config shipped with -# OpenSSH is to specify options with their default value where -# possible, but leave them commented. Uncommented options override the -# default value. - -#Port 22 -#AddressFamily any -#ListenAddress 0.0.0.0 -#ListenAddress :: - -# The default requires explicit activation of protocol 1 -#Protocol 2 - -# HostKey for protocol version 1 -#HostKey /etc/ssh/ssh_host_key -# HostKeys for protocol version 2 -#HostKey /etc/ssh/ssh_host_rsa_key -#HostKey /etc/ssh/ssh_host_dsa_key -#HostKey /etc/ssh/ssh_host_ecdsa_key -#HostKey /etc/ssh/ssh_host_ed25519_key - -# Lifetime and size of ephemeral version 1 server key -#KeyRegenerationInterval 1h -#ServerKeyBits 1024 - -# Ciphers and keying -#RekeyLimit default none - -# Logging -# obsoletes QuietMode and FascistLogging -#SyslogFacility AUTH -#LogLevel INFO - -# Authentication: - -#LoginGraceTime 2m -#PermitRootLogin yes -#StrictModes yes -#MaxAuthTries 6 -#MaxSessions 10 - -#RSAAuthentication yes -#PubkeyAuthentication yes - -# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 -# but this is overridden so installations will only check .ssh/authorized_keys -AuthorizedKeysFile .ssh/authorized_keys - -#AuthorizedPrincipalsFile none - -#AuthorizedKeysCommand none -#AuthorizedKeysCommandUser nobody - -# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts -#RhostsRSAAuthentication no -# similar for protocol version 2 -#HostbasedAuthentication no -# Change to yes if you don't trust ~/.ssh/known_hosts for -# RhostsRSAAuthentication and HostbasedAuthentication -#IgnoreUserKnownHosts no -# Don't read the user's ~/.rhosts and ~/.shosts files -#IgnoreRhosts yes - -# To disable tunneled clear text passwords, change to no here! -#PasswordAuthentication yes -#PermitEmptyPasswords no - -# Change to no to disable s/key passwords -#ChallengeResponseAuthentication yes - -# Kerberos options -#KerberosAuthentication no -#KerberosOrLocalPasswd yes -#KerberosTicketCleanup yes -#KerberosGetAFSToken no - -# GSSAPI options -#GSSAPIAuthentication no -#GSSAPICleanupCredentials yes - -# Set this to 'yes' to enable PAM authentication, account processing, -# and session processing. If this is enabled, PAM authentication will -# be allowed through the ChallengeResponseAuthentication and -# PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via ChallengeResponseAuthentication may bypass -# the setting of "PermitRootLogin without-password". -# If you just want the PAM account and session checks to run without -# PAM authentication, then enable this but set PasswordAuthentication -# and ChallengeResponseAuthentication to 'no'. -UsePAM yes - -#AllowAgentForwarding yes -#AllowTcpForwarding yes -#GatewayPorts no -#X11Forwarding no -#X11DisplayOffset 10 -#X11UseLocalhost yes -#PermitTTY yes -#PrintMotd yes -#PrintLastLog yes -#TCPKeepAlive yes -#UseLogin no -UsePrivilegeSeparation sandbox # Default for new installations. -PermitUserEnvironment yes -#Compression delayed -#ClientAliveInterval 0 -#ClientAliveCountMax 3 -#UseDNS yes -#PidFile /var/run/sshd.pid -#MaxStartups 10:30:100 -#PermitTunnel no -#ChrootDirectory none -#VersionAddendum none - -# no default banner path -#Banner none - -# override default of no subsystems -Subsystem sftp /usr/lib/openssh/sftp-server - -# Example of overriding settings on a per-user basis -#Match User anoncvs -# X11Forwarding no -# AllowTcpForwarding no -# PermitTTY no -# ForceCommand cvs server - -AcceptEnv LANG LC_* diff --git a/install-files/gnome/manifest b/install-files/gnome/manifest deleted file mode 100644 index d72a5e89..00000000 --- a/install-files/gnome/manifest +++ /dev/null @@ -1,9 +0,0 @@ -0100644 0 0 /etc/securetty -overwrite 0100644 0 0 /etc/ssh/sshd_config -overwrite 0100644 0 0 /etc/pam.d/passwd -overwrite 0100644 0 0 /etc/pam.d/system-auth -overwrite 0100644 0 0 /etc/pam.d/gdm -overwrite 0100644 0 0 /etc/pam.d/gdm-password -overwrite 0100644 0 0 /etc/pam.d/gdm-autologin -overwrite 0100644 0 0 /etc/pam.d/gdm-launch-environment -0100644 0 0 /usr/share/polkit-1/rules.d/geoclue-2.0.rules diff --git a/install-files/gnome/usr/share/polkit-1/rules.d/geoclue-2.0.rules b/install-files/gnome/usr/share/polkit-1/rules.d/geoclue-2.0.rules deleted file mode 100644 index aeb42345..00000000 --- a/install-files/gnome/usr/share/polkit-1/rules.d/geoclue-2.0.rules +++ /dev/null @@ -1,7 +0,0 @@ -polkit.addRule(function(action, subject) { - if ((action.id == "org.freedesktop.ModemManager1.Device.Control" || - action.id == "org.freedesktop.ModemManager1.Location") && - subject.user == "geoclue") { - return polkit.Result.YES; - } -}); |