From 8ab42030ee2555c58f5286e1629d0cbb2c622aaa Mon Sep 17 00:00:00 2001 From: Robert Ancell Date: Thu, 6 Oct 2011 09:38:05 +1100 Subject: Add default PAM configuration --- data/pam/lightdm | 19 +++++++++++++++++++ data/pam/lightdm-autologin | 19 +++++++++++++++++++ data/pam/lightdm-greeter | 16 ++++++++++++++++ 3 files changed, 54 insertions(+) create mode 100644 data/pam/lightdm create mode 100644 data/pam/lightdm-autologin create mode 100644 data/pam/lightdm-greeter (limited to 'data') diff --git a/data/pam/lightdm b/data/pam/lightdm new file mode 100644 index 00000000..45ea314e --- /dev/null +++ b/data/pam/lightdm @@ -0,0 +1,19 @@ +#%PAM-1.0 + +# Block login if they are disabled +auth required pam_nologin.so + +# Load environment from /etc/environment and ~/.pam_environment +auth required pam_env.so + +# Use /etc/passwd and /etc/shadow for passwords +auth required pam_unix.so + +# Check account is active, change password if required +account required pam_unix.so + +# Allow password to be changed +password required pam_unix.so + +# Setup session +session required pam_unix.so diff --git a/data/pam/lightdm-autologin b/data/pam/lightdm-autologin new file mode 100644 index 00000000..412ca5d4 --- /dev/null +++ b/data/pam/lightdm-autologin @@ -0,0 +1,19 @@ +#%PAM-1.0 + +# Block login if they are globally disabled +auth required pam_nologin.so + +# Load environment from /etc/environment and ~/.pam_environment +auth required pam_env.so + +# Use /etc/passwd and /etc/shadow for passwords +auth required pam_unix.so + +# Stop autologin if account requires action +account required pam_unix.so + +# Can't change password +password required pam_deny.so + +# Setup session +session required pam_unix.so diff --git a/data/pam/lightdm-greeter b/data/pam/lightdm-greeter new file mode 100644 index 00000000..217c1d32 --- /dev/null +++ b/data/pam/lightdm-greeter @@ -0,0 +1,16 @@ +#%PAM-1.0 + +# Load environment from /etc/environment and ~/.pam_environment +auth required pam_env.so + +# Always let the greeter start without authentication +auth required pam_permit.so + +# No action required for account management +account required pam_permit.so + +# Can't change password +password required pam_deny.so + +# Setup session +session required pam_unix.so -- cgit v1.2.1