summaryrefslogtreecommitdiffstats
path: root/data/pam-exherbo
diff options
context:
space:
mode:
Diffstat (limited to 'data/pam-exherbo')
-rw-r--r--data/pam-exherbo/gdm-autologin.pam14
-rw-r--r--data/pam-exherbo/gdm-fingerprint.pam10
-rw-r--r--data/pam-exherbo/gdm-launch-environment.pam15
-rw-r--r--data/pam-exherbo/gdm-password.pam10
-rw-r--r--data/pam-exherbo/gdm-pin.pam10
-rw-r--r--data/pam-exherbo/gdm-smartcard.pam18
6 files changed, 77 insertions, 0 deletions
diff --git a/data/pam-exherbo/gdm-autologin.pam b/data/pam-exherbo/gdm-autologin.pam
new file mode 100644
index 0000000..1324f36
--- /dev/null
+++ b/data/pam-exherbo/gdm-autologin.pam
@@ -0,0 +1,14 @@
+# mirrors system-auth / system(-local)-login
+# except for the authentication method, which is:
+# always permit login
+
+auth [success=ok default=1] pam_gdm.so
+-auth optional pam_gnome_keyring.so
+auth sufficient pam_permit.so
+
+account include system-local-login
+
+password include system-local-login
+
+session include system-local-login
+-session optional pam_gnome_keyring.so auto_start
diff --git a/data/pam-exherbo/gdm-fingerprint.pam b/data/pam-exherbo/gdm-fingerprint.pam
new file mode 100644
index 0000000..41639ec
--- /dev/null
+++ b/data/pam-exherbo/gdm-fingerprint.pam
@@ -0,0 +1,10 @@
+account include system-login
+
+auth substack fingerprint-auth
+auth optional pam_gnome_keyring.so
+
+password required pam_deny.so
+
+session substack system-login
+session optional pam_gnome_keyring.so auto_start
+
diff --git a/data/pam-exherbo/gdm-launch-environment.pam b/data/pam-exherbo/gdm-launch-environment.pam
new file mode 100644
index 0000000..51a8e00
--- /dev/null
+++ b/data/pam-exherbo/gdm-launch-environment.pam
@@ -0,0 +1,15 @@
+account required pam_nologin.so
+account required pam_succeed_if.so audit quiet_success user = gdm
+account required pam_permit.so
+
+auth required pam_env.so
+auth required pam_succeed_if.so audit quiet_success user = gdm
+auth required pam_permit.so
+
+password required pam_deny.so
+
+-session optional pam_systemd.so
+session optional pam_keyinit.so force revoke
+session required pam_succeed_if.so audit quiet_success user = gdm
+session required pam_permit.so
+
diff --git a/data/pam-exherbo/gdm-password.pam b/data/pam-exherbo/gdm-password.pam
new file mode 100644
index 0000000..d223f66
--- /dev/null
+++ b/data/pam-exherbo/gdm-password.pam
@@ -0,0 +1,10 @@
+account include system-login
+
+auth substack system-login
+auth optional pam_gnome_keyring.so
+
+password required pam_deny.so
+
+session substack system-login
+session optional pam_gnome_keyring.so auto_start
+
diff --git a/data/pam-exherbo/gdm-pin.pam b/data/pam-exherbo/gdm-pin.pam
new file mode 100644
index 0000000..d62c773
--- /dev/null
+++ b/data/pam-exherbo/gdm-pin.pam
@@ -0,0 +1,10 @@
+account include system-login
+
+auth requisite pam_pin.so
+auth substack system-login
+auth optional pam_gnome_keyring.so
+
+password required pam_deny.so
+
+session substack system-login
+session optional pam_gnome_keyring.so auto_start \ No newline at end of file
diff --git a/data/pam-exherbo/gdm-smartcard.pam b/data/pam-exherbo/gdm-smartcard.pam
new file mode 100644
index 0000000..0623c6e
--- /dev/null
+++ b/data/pam-exherbo/gdm-smartcard.pam
@@ -0,0 +1,18 @@
+# mirrors system-auth / system(-local)-login
+# except for the authentication method, which is:
+# smartcard login
+
+auth required pam_env.so
+auth required pam_tally.so file=/var/log/faillog onerr=succeed
+auth required pam_shells.so
+auth required pam_nologin.so
+auth [success=done ignore=ignore default=die] pam_pkcs11.so wait_for_card card_only
+-auth optional pam_gnome_keyring.so
+
+account include system-local-login
+
+password include system-local-login
+
+session include system-local-login
+-session optional pam_gnome_keyring.so auto_start
+
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-23 12:18:54 +0000