Gentoo Archives: gentoo-commits

From: Sam James <sam@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/pambase:master commit in: /, templates/
Date: Sun, 31 Jan 2021 21:36:14
Message-Id: 1612128961.5a545eb14a1220af1ba8031f3669471e77edbc2f.sam@gentoo
1 commit: 5a545eb14a1220af1ba8031f3669471e77edbc2f
2 Author: Mikle KOlyada <zlogene <AT> gentoo <DOT> org>
3 AuthorDate: Sat Jan 30 19:50:12 2021 +0000
4 Commit: Sam James <sam <AT> gentoo <DOT> org>
5 CommitDate: Sun Jan 31 21:36:01 2021 +0000
6 URL: https://gitweb.gentoo.org/proj/pambase.git/commit/?id=5a545eb1
7
8 systemd-auth: add systemd-homed support
9
10 Signed-off-by: Mikle KOlyada <zlogene <AT> gentoo.org>
11 Closes: https://github.com/gentoo/pambase/pull/5
12 Signed-off-by: Sam James <sam <AT> gentoo.org>
13
14 pambase.py | 1 +
15 templates/system-auth.tpl | 18 ++++++++++++++++--
16 templates/system-session.tpl | 4 ++++
17 3 files changed, 21 insertions(+), 2 deletions(-)
18
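--- a/pambase.py
+++ b/pambase.py
@@ -15,6 +15,7 @@ def main():
 parser.add_argument('--pwquality', action="store_true", help='enable pam_pwquality.so module')
 parser.add_argument('--elogind', action="store_true", help='enable pam_elogind.so module')
 parser.add_argument('--systemd', action="store_true", help='enable pam_systemd.so module')
+ parser.add_argument('--homed', action="store_true", help='enable pam_systemd_home.so module')
 parser.add_argument('--selinux', action="store_true", help='enable pam_selinux.so module')
 parser.add_argument('--mktemp', action="store_true", help='enable pam_mktemp.so module')
 parser.add_argument('--pam-ssh', action="store_true", help='enable pam_ssh.so module')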
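--- a/templates/system-auth.tpl
+++ b/templates/system-auth.tpl
@@ -11,11 +11,16 @@ auth [success=3 default=ignore] pam_krb5.so {{ krb5_params }}
 {% endif %}
 
 auth requisite pam_faillock.so preauth
-auth [success=1 default=ignore] pam_unix.so {{ nullok|default('', true) }} {{ debug|default('', true) }} try_first_pass
+{% if homed %}
+auth [success=2 default=ignore] pam_unix.so {{ nullok|default('', true) }} {{ debug|default('', true) }} try_first_pass
+auth [success=1 default=ignore] pam_systemd_home.so
+{% else %}
+auth [success=1 default=ignore] pam_unix.so {{ nullok|default('', true) }} {{ debug|default('', true) }} try_first_pas
+{% endif %}
 auth [default=die] pam_faillock.so authfail
 
 {% if caps %}
--auth optional pam_cap.so
+auth optional pam_cap.so
 {% endif %}
 
 {% if homed %}
@@ -24,6 +29,11 @@ auth [default=die] pam_faillock.so authfail
 {% if krb5 %}
 account [success=2 default=ignore] pam_krb5.so {{ krb5_params }}
 {% endif %}
+
+{% if homed %}
+account [success=1 default=ignore] pam_systemd_home.so
+{% endif %}
+
 account required pam_unix.so {{ debug|default('', true) }}
 account required pam_faillock.so
 
@@ -43,6 +53,10 @@ password required pam_pwhistory.so use_authtok remember=5 retry=3
 password [success=1 default=ignore] pam_krb5.so {{ krb5_params }}
 {% endif %}
 
+{% if homed %}
+password [success=1 default=ignore] pam_systemd_home.so
+{% endif %}
+
 {% if passwdqc or pwquality %}
 password required pam_unix.so try_first_pass {{ unix_authtok|default('', true) }} {{ nullok|default('', true) }} {{ unix_extended_encryption|default('', true) }} {{ debug|default('', true) }}
 {% else %}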
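Review bot: The `{% else %}` branch of the first hunk spells the pam_unix option `try_first_pas`; unless the archive truncated the line, every build without `--homed` renders an option pam_unix does not recognise, so it should read `try_first_pass` as the removed line did. The pam_krb5 jump counts next to the new lines are also left as they were: in the account hunk `account [success=2 default=ignore] pam_krb5.so` used to skip `pam_unix.so` and `pam_faillock.so` and with homed enabled now skips `pam_systemd_home.so` and `pam_unix.so`, and the `success=3` auth line named in the first hunk header would, if it sits directly above this block, land on `pam_faillock.so authfail` after a successful Kerberos login. The password hunk and the krb5 line in templates/system-session.tpl shift the same way; making the counts conditional, e.g. `[success={{ 4 if homed else 3 }} default=ignore]` for the auth line, keeps the jump targets stable. The change of `-auth optional pam_cap.so` to `auth optional pam_cap.so` is not mentioned in the commit message and removes the leading `-`, which in PAM suppresses the log entry for a missing module.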
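--- a/templates/system-session.tpl
+++ b/templates/system-session.tpl
@@ -12,4 +12,8 @@ session optional pam_mktemp.so
 session [success=1 default=ignore] pam_krb5.so {{ krb5_params }}
 {% endif %}
 
+{% if homed %}
+session [success=1 default=ignore] pam_systemd_home.so
+{% endif %}
+
 session required pam_unix.so {{ debug|default('', true) }}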
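Review bot: `session [success=1 default=ignore] pam_systemd_home.so` skips `session required pam_unix.so` whenever the homed module succeeds, and pam_unix's session component is what writes the session opened/closed entries to syslog, so homed-managed logins would presumably lose those records. The example stack in the pam_systemd_home man page lists the module as `-session optional pam_systemd_home.so`, which lets the rest of the session stack run; `session optional pam_systemd_home.so` would do the same here. The file may continue past the last line shown, so any modules after `pam_unix.so` are not covered by this note.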