pam: grab cached password from systemd and pass it on

If the user has an encrypted disk then systemd will cache the password
they type into the keyring. It makes sense to try to use this password
for automatic login purposes first, since on single user machines,
the sole user password is likely to match the disk password.

Of course if it doesn't work we'll fall back to the old way of doing
automatic login without a password (and then the user will have to
manualy enter if they need to for gnome-keyring or whatever)

https://bugzilla.gnome.org/show_bug.cgi?id=769950

1 files changed, 5 insertions, 2 deletions

diff --git a/data/pam-redhat/gdm-autologin.pam b/data/pam-redhat/gdm-autologin.pam
index 96fcfe37..c2efea86 100644
--- a/data/pam-redhat/gdm-autologin.pam
+++ b/data/pam-redhat/gdm-autologin.pam
@@ -1,6 +1,8 @@
  #%PAM-1.0
-auth       required    pam_env.so
-auth       required    pam_permit.so
+auth       optional    pam_gdm.so
+auth       substack    password-auth
+auth       optional    pam_gnome_keyring.so
+auth       sufficient  pam_permit.so
 auth       include     postlogin
 account    required    pam_nologin.so
 account    include     system-auth
@@ -12,4 +14,5 @@ session    required    pam_selinux.so open
 session    optional    pam_keyinit.so force revoke
 session    required    pam_namespace.so
 session    include     system-auth
+session    optional    pam_gnome_keyring.so auto_start
 session    include     postlogin