diff options
| author | Ray Strode <halfline@gmail.com> | 2021-12-22 21:14:48 +0000 |
|---|---|---|
| committer | Ray Strode <halfline@gmail.com> | 2021-12-22 21:14:48 +0000 |
| commit | c6e833c2fddcfc3b42dae2ae6250c5add443e1a7 (patch) | |
| tree | 62a03dca46e921bbb790e7cc3651aecff4f94b72 | |
| parent | f7aaba5d77fcca23816f8c43e96ea5ae1797a9ba (diff) | |
| parent | 5e415bb1df01a3a6f42f30253e31f883a22b56dd (diff) | |
| download | gdm-c6e833c2fddcfc3b42dae2ae6250c5add443e1a7.tar.gz | |
Merge branch 'pam-arch-update' into 'main'
pam-arch: Drop pam_faillock counting from fingerprint and smartcard
See merge request GNOME/gdm!163
| -rw-r--r-- | data/pam-arch/gdm-fingerprint.pam | 10 | ||||
| -rw-r--r-- | data/pam-arch/gdm-smartcard.pam | 10 |
2 files changed, 4 insertions, 16 deletions
diff --git a/data/pam-arch/gdm-fingerprint.pam b/data/pam-arch/gdm-fingerprint.pam index cc660d9a..2aaf9f6c 100644 --- a/data/pam-arch/gdm-fingerprint.pam +++ b/data/pam-arch/gdm-fingerprint.pam @@ -2,16 +2,10 @@ auth required pam_shells.so auth requisite pam_nologin.so -auth required pam_faillock.so preauth -# Optionally use requisite above if you do not want to prompt for the fingerprint -# on locked accounts. -auth [success=1 default=ignore] pam_fprintd.so -auth [default=die] pam_faillock.so authfail +auth requisite pam_faillock.so preauth +auth required pam_fprintd.so auth optional pam_permit.so auth required pam_env.so -auth required pam_faillock.so authsucc -# If you drop the above call to pam_faillock.so the lock will be done also -# on non-consecutive authentication failures. auth [success=ok default=1] pam_gdm.so auth optional pam_gnome_keyring.so diff --git a/data/pam-arch/gdm-smartcard.pam b/data/pam-arch/gdm-smartcard.pam index e6ec1299..6d7333bf 100644 --- a/data/pam-arch/gdm-smartcard.pam +++ b/data/pam-arch/gdm-smartcard.pam @@ -2,16 +2,10 @@ auth required pam_shells.so auth requisite pam_nologin.so -auth required pam_faillock.so preauth -# Optionally use requisite above if you do not want to prompt for the smartcard -# on locked accounts. -auth [success=1 default=ignore] pam_pkcs11.so wait_for_card card_only -auth [default=die] pam_faillock.so authfail +auth requisite pam_faillock.so preauth +auth required pam_pkcs11.so wait_for_card card_only auth optional pam_permit.so auth required pam_env.so -auth required pam_faillock.so authsucc -# If you drop the above call to pam_faillock.so the lock will be done also -# on non-consecutive authentication failures. auth [success=ok default=1] pam_gdm.so auth optional pam_gnome_keyring.so |