Add --with-default-pam-config option, autodetect from /etc/foo-release files

The PAM files that ship with GDM are really specific to Red Hat's historical fork of pam. For example, the "system-auth" file still lives in the Fedora 17 "pam" git. A long while back, Debian hit the same problem, and of course the difference is the naming; common-auth/common-password etc. OpenEmbedded then picked up Debian's PAM fork. Since for OSTree-GNOME we're using Poky/OpenEmbedded, let's add an option to integrate with their PAM. We use code similar to what NetworkManager has, so we should keep using the Red Hat files on systems with /etc/redhat-release or /etc/fedora-release. https://bugzilla.gnome.org/show_bug.cgi?id=675085
author: Colin Walters <walters@verbum.org> 2012-04-27 18:34:39 -0400
committer: Colin Walters <walters@verbum.org> 2012-07-10 10:26:53 -0400
commit: 295d0bc42b11a9473a024b9cdca58bdd9197e905 (patch)
tree: 9a1293d2b9cb90fcc07b566e263e5a4c81ae6aea /data/pam-openembedded
parent: f42e685e271015d5cc5d52342a8832010f65c5d2 (diff)
download: gdm-295d0bc42b11a9473a024b9cdca58bdd9197e905.tar.gz
3 files changed, 31 insertions, 0 deletions
diff --git a/data/pam-openembedded/gdm-autologin.pam b/data/pam-openembedded/gdm-autologin.pam
new file mode 100644
index 00000000..32d5248f
--- /dev/null
+++ b/data/pam-openembedded/gdm-autologin.pam
@@ -0,0 +1,10 @@
+#%PAM-1.0
+auth       required    pam_env.so
+auth       required    pam_permit.so
+account    required    pam_nologin.so
+account    include     common-auth
+password   include     common-auth
+session    optional    pam_keyinit.so force revoke
+session    include     common-session
+session    required    pam_loginuid.so
+session    optional    pam_console.so
diff --git a/data/pam-openembedded/gdm-welcome.pam b/data/pam-openembedded/gdm-welcome.pam
new file mode 100644
index 00000000..602217b1
--- /dev/null
+++ b/data/pam-openembedded/gdm-welcome.pam
@@ -0,0 +1,9 @@
+#%PAM-1.0
+auth       required    pam_env.so
+auth       required    pam_permit.so
+account    required    pam_nologin.so
+account    include     common-account
+password   include     common-auth
+session    required    pam_loginuid.so
+session    optional    pam_keyinit.so force revoke
+session    include     common-session
diff --git a/data/pam-openembedded/gdm.pam b/data/pam-openembedded/gdm.pam
new file mode 100644
index 00000000..de223de1
--- /dev/null
+++ b/data/pam-openembedded/gdm.pam
@@ -0,0 +1,12 @@
+#%PAM-1.0
+auth       required    pam_env.so
+auth       required    pam_succeed_if.so user != root quiet
+auth       sufficient  pam_succeed_if.so user ingroup nopasswdlogin
+auth       include     common-auth
+account    required    pam_nologin.so
+account    include     common-account
+password   include     common-password
+session    optional    pam_keyinit.so force revoke
+session    include     common-session
+session    required    pam_loginuid.so
+session    optional    pam_console.so
author	Colin Walters <walters@verbum.org>	2012-04-27 18:34:39 -0400
committer	Colin Walters <walters@verbum.org>	2012-07-10 10:26:53 -0400
commit	295d0bc42b11a9473a024b9cdca58bdd9197e905 (patch)
tree	9a1293d2b9cb90fcc07b566e263e5a4c81ae6aea /data/pam-openembedded
parent	f42e685e271015d5cc5d52342a8832010f65c5d2 (diff)
download	gdm-295d0bc42b11a9473a024b9cdca58bdd9197e905.tar.gz