diff options
| author |   Sam James <sam@gentoo.org> | 2021-01-29 03:46:42 +0000 |
|---|---|---|
| committer | Sam James <sam@gentoo.org> | 2021-01-29 03:46:42 +0000 |
| commit | 639b45ccb986de7314372a4a841e6f04c536c49a (patch) | |
| tree | b0a2c58aa6c4a654e00afb8537077e96fe1db60f | |
| parent | system-login: add pam_time.so (diff) | |
| download | pambase-639b45ccb986de7314372a4a841e6f04c536c49a.tar.gz pambase-639b45ccb986de7314372a4a841e6f04c536c49a.tar.bz2 pambase-639b45ccb986de7314372a4a841e6f04c536c49a.zip | |
Add systemd-homed support
Bug: https://bugs.gentoo.org/767784
Signed-off-by: Sam James <sam@gentoo.org>
| -rwxr-xr-x | pambase.py | 1 | ||||
| -rw-r--r-- | templates/system-auth.tpl | 6 | ||||
| -rw-r--r-- | templates/system-session.tpl | 4 |
3 files changed, 11 insertions, 0 deletions
@@ -9,6 +9,7 @@ def main(): parser = argparse.ArgumentParser(description='basic Gentoo PAM configuration files') parser.add_argument('--gnome-keyring', action="store_true", help='enable pam_gnome_keyring.so module') parser.add_argument('--caps', action="store_true", help='enable pam_cap.so module') + parser.add_argument('--homed', action="store_true", help='enable pam_systemd_homed.so module') parser.add_argument('--passwdqc', action="store_true", help='enable pam_passwdqc.so module') parser.add_argument('--pwhistory', action="store_true", help='enable pam_pwhistory.so module') parser.add_argument('--pwquality', action="store_true", help='enable pam_pwquality.so module') diff --git a/templates/system-auth.tpl b/templates/system-auth.tpl index 01a29db..53557dc 100644 --- a/templates/system-auth.tpl +++ b/templates/system-auth.tpl @@ -2,6 +2,9 @@ auth required pam_env.so {{ debug|default('', true) }} {% if pam_ssh %} auth sufficient pam_ssh.so {% endif %} +{% if homed %} +-auth sufficient pam_systemd_home.so +{% endif %} {% if krb5 %} auth [success=3 default=ignore] pam_krb5.so {{ krb5_params }} @@ -15,6 +18,9 @@ auth [default=die] pam_faillock.so authfail -auth optional pam_cap.so {% endif %} +{% if homed %} +-account sufficient pam_systemd_home.so +{% endif %} {% if krb5 %} account [success=2 default=ignore] pam_krb5.so {{ krb5_params }} {% endif %} diff --git a/templates/system-session.tpl b/templates/system-session.tpl index 2a7024b..3dd1d70 100644 --- a/templates/system-session.tpl +++ b/templates/system-session.tpl @@ -4,6 +4,10 @@ session required pam_env.so {{ debug|default('', true) }} session optional pam_mktemp.so {% endif %} +{% if homed %} +-session optional pam_systemd_home.so +{% endif %} + {%if krb5 %} session [success=1 default=ignore] pam_krb5.so {{ krb5_params }} {% endif %} |