diff options
| author | Giovanni Campagna <gcampagna@src.gnome.org> | 2013-02-16 17:01:28 +0100 |
|---|---|---|
| committer | Ray Strode <rstrode@redhat.com> | 2013-02-20 09:54:03 -0500 |
| commit | 63a34df6e049dee4db4d290e4e0ee3b0cd31ad59 (patch) | |
| tree | a868b4645d5b1cd1d8af108c0a1067b3a83e21d1 /data/pam-lfs | |
| parent | bb7962d91981c2b9a1af7fbca3450c004da92d96 (diff) | |
| download | gdm-63a34df6e049dee4db4d290e4e0ee3b0cd31ad59.tar.gz | |
Add gdm-pin service files
Originally, the idea was to have pam-pin as an optional module in gdm-password,
but since the PIN can easily get misconfigured, what we want here is
to give the user a choice at the login screen, so we want two different
conversations at the same time.
The pin module is marked requisite, so if it fails we stop before touching
the other modules and immediately report to the greeter (which then goes
on with gdm-password)
https://bugzilla.gnome.org/show_bug.cgi?id=693968
Diffstat (limited to 'data/pam-lfs')
| -rw-r--r-- | data/pam-lfs/gdm-pin.pam | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/data/pam-lfs/gdm-pin.pam b/data/pam-lfs/gdm-pin.pam new file mode 100644 index 00000000..03d324ec --- /dev/null +++ b/data/pam-lfs/gdm-pin.pam @@ -0,0 +1,20 @@ +# Begin /etc/pam.d/gdm-password + +auth requisite pam_nologin.so +auth required pam_env.so + +auth required pam_succeed_if.so uid >= 1000 quiet +auth requisite pam_pin.so +auth include system-auth +auth optional pam_gnome_keyring.so + +account include system-account + +session required pam_limits.so +session include system-session +session optional pam_gnome_keyring.so auto_start + +password include system-password +password optional pam_pin.so + +# End /etc/pam.d/gdm-password |