diff options
-rw-r--r-- | configure.ac | 6 | ||||
-rw-r--r-- | data/Makefile.am | 11 | ||||
-rw-r--r-- | data/pam-exherbo/gdm-autologin.pam | 17 | ||||
-rw-r--r-- | data/pam-exherbo/gdm-fingerprint.pam | 17 | ||||
-rw-r--r-- | data/pam-exherbo/gdm-launch-environment.pam | 11 | ||||
-rw-r--r-- | data/pam-exherbo/gdm-password.pam | 18 | ||||
-rw-r--r-- | data/pam-exherbo/gdm-smartcard.pam | 18 |
7 files changed, 96 insertions, 2 deletions
diff --git a/configure.ac b/configure.ac index d47d065c..b8e39c50 100644 --- a/configure.ac +++ b/configure.ac @@ -222,18 +222,19 @@ if test x$enable_split_authentication = xyes; then fi AC_ARG_WITH(default-pam-config, - AS_HELP_STRING([--with-default-pam-config: One of redhat, openembedded, none @<:@default=auto@:>@])) + AS_HELP_STRING([--with-default-pam-config: One of redhat, openembedded, exherbo, none @<:@default=auto@:>@])) dnl If not given, try autodetecting from release files (see NetworkManager source) if test x$with_default_pam_config = x; then AC_CHECK_FILE(/etc/redhat-release,with_default_pam_config="redhat") AC_CHECK_FILE(/etc/fedora-release,with_default_pam_config="redhat") + AC_CHECK_FILE(/etc/exherbo-release,with_default_pam_config="exherbo") dnl If not autodetected, default to none if test x$with_default_pam_config = x; then with_default_pam_config=none fi fi case x$with_default_pam_config in - xredhat|xopenembedded|xnone) ;; + xredhat|xopenembedded|xexherbo|xnone) ;; *) AC_MSG_ERROR([Invalid --with-default-pam-config ${with_default_pam_config}]) exit 1 @@ -241,6 +242,7 @@ case x$with_default_pam_config in esac AM_CONDITIONAL(ENABLE_REDHAT_PAM_CONFIG, test x$with_default_pam_config = xredhat) AM_CONDITIONAL(ENABLE_OPENEMBEDDED_PAM_CONFIG, test x$with_default_pam_config = xopenembedded) +AM_CONDITIONAL(ENABLE_EXHERBO_PAM_CONFIG, test x$with_default_pam_config = xexherbo) AC_ARG_ENABLE(console-helper, AS_HELP_STRING([--enable-console-helper], diff --git a/data/Makefile.am b/data/Makefile.am index 6a44b405..3ff2e67b 100644 --- a/data/Makefile.am +++ b/data/Makefile.am @@ -104,12 +104,23 @@ pam_openembedded_files = pam-openembedded/gdm.pam \ $(NULL) EXTRA_DIST += $(pam_openembedded_files) +pam_exherbo_files = pam-redhat/gdm-autologin.pam \ + pam-exherbo/gdm-launch-environment.pam \ + pam-exherbo/gdm-fingerprint.pam \ + pam-exherbo/gdm-smartcard.pam \ + pam-exherbo/gdm-password.pam \ + $(NULL) +EXTRA_DIST += $(pam_exherbo_files) + if ENABLE_REDHAT_PAM_CONFIG pam_files = $(pam_redhat_files) endif if ENABLE_OPENEMBEDDED_PAM_CONFIG pam_files = $(pam_openembedded_files) endif +if ENABLE_EXHERBO_PAM_CONFIG +pam_files = $(pam_exherbo_files) +endif EXTRA_DIST += \ $(schemas_in_files) \ diff --git a/data/pam-exherbo/gdm-autologin.pam b/data/pam-exherbo/gdm-autologin.pam new file mode 100644 index 00000000..71556e81 --- /dev/null +++ b/data/pam-exherbo/gdm-autologin.pam @@ -0,0 +1,17 @@ +# mirrors system-auth / system(-local)-login +# except for the authentication method, which is: +# always permit login + +auth required pam_env.so +auth required pam_tally.so file=/var/log/faillog onerr=succeed +auth required pam_shells.so +auth required pam_nologin.so +auth required pam_permit.so +-auth optional pam_gnome_keyring.so + +account include system-local-login + +password include system-local-login + +session include system-local-login +-session optional pam_gnome_keyring.so auto_start diff --git a/data/pam-exherbo/gdm-fingerprint.pam b/data/pam-exherbo/gdm-fingerprint.pam new file mode 100644 index 00000000..15f24fae --- /dev/null +++ b/data/pam-exherbo/gdm-fingerprint.pam @@ -0,0 +1,17 @@ +# mirrors system-auth / system(-local)-login +# except for the authentication method, which is: +# fingerprint login + +auth required pam_env.so +auth required pam_tally.so file=/var/log/faillog onerr=succeed +auth required pam_shells.so +auth required pam_nologin.so +auth required pam_fprintd.so +-auth optional pam_gnome_keyring.so + +account include system-local-login + +password include system-local-login + +session include system-local-login +-session optional pam_gnome_keyring.so auto_start diff --git a/data/pam-exherbo/gdm-launch-environment.pam b/data/pam-exherbo/gdm-launch-environment.pam new file mode 100644 index 00000000..1c96229f --- /dev/null +++ b/data/pam-exherbo/gdm-launch-environment.pam @@ -0,0 +1,11 @@ +# this is for the session that gdm spawns to show the login screen + +auth required pam_env.so +auth required pam_nologin.so +auth required pam_permit.so + +account include system-local-login + +password include system-local-login + +session include system-local-login diff --git a/data/pam-exherbo/gdm-password.pam b/data/pam-exherbo/gdm-password.pam new file mode 100644 index 00000000..3ad9ce5c --- /dev/null +++ b/data/pam-exherbo/gdm-password.pam @@ -0,0 +1,18 @@ +# mirrors system-auth / system(-local)-login +# except for the authentication method, which is: +# password login + +auth required pam_env.so +auth required pam_tally.so file=/var/log/faillog onerr=succeed +auth required pam_shells.so +auth required pam_nologin.so +auth required pam_unix.so try_first_pass likeauth nullok +-auth optional pam_gnome_keyring.so + +account include system-local-login + +password include system-local-login + +session include system-local-login +-session optional pam_gnome_keyring.so auto_start + diff --git a/data/pam-exherbo/gdm-smartcard.pam b/data/pam-exherbo/gdm-smartcard.pam new file mode 100644 index 00000000..0623c6ed --- /dev/null +++ b/data/pam-exherbo/gdm-smartcard.pam @@ -0,0 +1,18 @@ +# mirrors system-auth / system(-local)-login +# except for the authentication method, which is: +# smartcard login + +auth required pam_env.so +auth required pam_tally.so file=/var/log/faillog onerr=succeed +auth required pam_shells.so +auth required pam_nologin.so +auth [success=done ignore=ignore default=die] pam_pkcs11.so wait_for_card card_only +-auth optional pam_gnome_keyring.so + +account include system-local-login + +password include system-local-login + +session include system-local-login +-session optional pam_gnome_keyring.so auto_start + |