diff options
author | Ray Strode <rstrode@redhat.com> | 2012-07-19 12:11:49 -0400 |
---|---|---|
committer | Ray Strode <rstrode@redhat.com> | 2012-07-19 12:14:34 -0400 |
commit | 139ebd6890e165d3589d10dde565cb6f4295a394 (patch) | |
tree | 5a91583f3c8b578f5ee2a0ff5916ba766a6983bd /data/pam-redhat/gdm-fingerprint.pam | |
parent | 0176ed8de6f45344a4bd1e42eba080144974dc05 (diff) | |
download | gdm-139ebd6890e165d3589d10dde565cb6f4295a394.tar.gz |
pam: update redhat pam files
commit 295d0bc42b11a9473a024b9cdca58bdd9197e905 made it so we
ship per-distro pam files upstream.
This commit updates those PAM files to be the latest version we
ship in Fedora.
https://bugzilla.gnome.org/show_bug.cgi?id=675085
Diffstat (limited to 'data/pam-redhat/gdm-fingerprint.pam')
-rw-r--r-- | data/pam-redhat/gdm-fingerprint.pam | 29 |
1 files changed, 15 insertions, 14 deletions
diff --git a/data/pam-redhat/gdm-fingerprint.pam b/data/pam-redhat/gdm-fingerprint.pam index 1a1c7772..684ac95f 100644 --- a/data/pam-redhat/gdm-fingerprint.pam +++ b/data/pam-redhat/gdm-fingerprint.pam @@ -1,17 +1,18 @@ -# Sample PAM file for doing fingerprint authentication. -# Distros should replace this with what makes sense for them. -auth required pam_env.so -auth required pam_fprintd.so -auth sufficient pam_succeed_if.so uid >= 500 quiet -auth required pam_deny.so +auth substack fingerprint-auth +auth required pam_succeed_if.so user != root quiet +auth include postlogin -account required pam_unix.so -account sufficient pam_localuser.so -account sufficient pam_succeed_if.so uid < 500 quiet -account required pam_permit.so +account required pam_nologin.so +account include fingerprint-auth -password required pam_deny.so +password include fingerprint-auth -session optional pam_keyinit.so revoke -session required pam_limits.so -session required pam_unix.so +session required pam_selinux.so close +session required pam_loginuid.so +session optional pam_console.so +-session optional pam_ck_connector.so +session required pam_selinux.so open +session optional pam_keyinit.so force revoke +session required pam_namespace.so +session include fingerprint-auth +session include postlogin |