[gentoo-commits] proj/pambase:master commit in: templates/, /

Sun, 31 Jan 2021 13:36:17 -0800 

commit:     639b45ccb986de7314372a4a841e6f04c536c49a
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Fri Jan 29 03:46:42 2021 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Fri Jan 29 03:46:42 2021 +0000
URL:        https://gitweb.gentoo.org/proj/pambase.git/commit/?id=639b45cc

Add systemd-homed support

Bug: https://bugs.gentoo.org/767784
Signed-off-by: Sam James <sam <AT> gentoo.org>

 pambase.py                   | 1 +
 templates/system-auth.tpl    | 6 ++++++
 templates/system-session.tpl | 4 ++++
 3 files changed, 11 insertions(+)

diff --git a/pambase.py b/pambase.py
index 278d578..eb3d4fe 100755
--- a/pambase.py
+++ b/pambase.py
@@ -9,6 +9,7 @@ def main():
     parser = argparse.ArgumentParser(description='basic Gentoo PAM 
configuration files')
     parser.add_argument('--gnome-keyring', action="store_true", help='enable 
pam_gnome_keyring.so module')
     parser.add_argument('--caps', action="store_true", help='enable pam_cap.so 
module')
+    parser.add_argument('--homed', action="store_true", help='enable 
pam_systemd_homed.so module')
     parser.add_argument('--passwdqc', action="store_true", help='enable 
pam_passwdqc.so module')
     parser.add_argument('--pwhistory', action="store_true", help='enable 
pam_pwhistory.so module')
     parser.add_argument('--pwquality', action="store_true", help='enable 
pam_pwquality.so module')

diff --git a/templates/system-auth.tpl b/templates/system-auth.tpl
index 01a29db..53557dc 100644
--- a/templates/system-auth.tpl
+++ b/templates/system-auth.tpl
@@ -2,6 +2,9 @@ auth            required        pam_env.so {{ debug|default('', 
true) }}
 {% if pam_ssh %}
 auth           sufficient      pam_ssh.so
 {% endif %}
+{% if homed %}
+-auth          sufficient      pam_systemd_home.so
+{% endif %}
 
 {% if krb5 %}
 auth           [success=3 default=ignore]      pam_krb5.so {{ krb5_params }}
@@ -15,6 +18,9 @@ auth          [default=die]   pam_faillock.so authfail
 -auth          optional        pam_cap.so
 {% endif %}
 
+{% if homed %}
+-account       sufficient      pam_systemd_home.so
+{% endif %}
 {% if krb5 %}
 account                [success=2 default=ignore]      pam_krb5.so {{ 
krb5_params }}
 {% endif %}

diff --git a/templates/system-session.tpl b/templates/system-session.tpl
index 2a7024b..3dd1d70 100644
--- a/templates/system-session.tpl
+++ b/templates/system-session.tpl
@@ -4,6 +4,10 @@ session                required        pam_env.so {{ 
debug|default('', true) }}
 session                optional        pam_mktemp.so
 {% endif %}
 
+{% if homed %}
+-session       optional        pam_systemd_home.so
+{% endif %}
+
 {%if krb5 %}
 session                [success=1 default=ignore]      pam_krb5.so {{ 
krb5_params }}
 {% endif %}

Reply via email to