Gentoo Archives: gentoo-commits

From: Sam James <sam@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/pambase:master commit in: templates/, /
Date: Sun, 31 Jan 2021 21:37:23
Message-Id: 1612129037.fbbc2d49c860857b2fe4b2a6cdb967b0867261c9.sam@gentoo
1 commit: fbbc2d49c860857b2fe4b2a6cdb967b0867261c9
2 Author: Mikle KOlyada <zlogene <AT> gentoo <DOT> org>
3 AuthorDate: Sat Jan 30 19:50:12 2021 +0000
4 Commit: Sam James <sam <AT> gentoo <DOT> org>
5 CommitDate: Sun Jan 31 21:37:17 2021 +0000
6 URL: https://gitweb.gentoo.org/proj/pambase.git/commit/?id=fbbc2d49
7
8 systemd-auth: add systemd-homed support
9
10 Signed-off-by: Mikle KOlyada <zlogene <AT> gentoo.org>
11 Closes: https://github.com/gentoo/pambase/pull/5
12 Signed-off-by: Sam James <sam <AT> gentoo.org>
13
14 pambase.py | 1 +
15 templates/system-auth.tpl | 18 ++++++++++++++++--
16 templates/system-session.tpl | 4 ++++
17 3 files changed, 21 insertions(+), 2 deletions(-)
18
19 diff --git a/pambase.py b/pambase.py
20 index 278d578..c078156 100755
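--- a/pambase.py
+++ b/pambase.py
@@ -14,6 +14,7 @@ def main():
 parser.add_argument('--pwquality', action="store_true", help='enable pam_pwquality.so module')
 parser.add_argument('--elogind', action="store_true", help='enable pam_elogind.so module')
 parser.add_argument('--systemd', action="store_true", help='enable pam_systemd.so module')
+ parser.add_argument('--homed', action="store_true", help='enable pam_systemd_home.so module')
 parser.add_argument('--selinux', action="store_true", help='enable pam_selinux.so module')
 parser.add_argument('--mktemp', action="store_true", help='enable pam_mktemp.so module')
 parser.add_argument('--pam-ssh', action="store_true", help='enable pam_ssh.so module')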
32 diff --git a/templates/system-auth.tpl b/templates/system-auth.tpl
33 index 01a29db..1adee05 100644
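--- a/templates/system-auth.tpl
+++ b/templates/system-auth.tpl
@@ -8,16 +8,26 @@ auth [success=3 default=ignore] pam_krb5.so {{ krb5_params }}
 {% endif %}
 
 auth requisite pam_faillock.so preauth
-auth [success=1 default=ignore] pam_unix.so {{ nullok|default('', true) }} {{ debug|default('', true) }} try_first_pass
+{% if homed %}
+auth [success=2 default=ignore] pam_unix.so {{ nullok|default('', true) }} {{ debug|default('', true) }} try_first_pass
+auth [success=1 default=ignore] pam_systemd_home.so
+{% else %}
+auth [success=1 default=ignore] pam_unix.so {{ nullok|default('', true) }} {{ debug|default('', true) }} try_first_pas
+{% endif %}
 auth [default=die] pam_faillock.so authfail
 
 {% if caps %}
--auth optional pam_cap.so
+auth optional pam_cap.so
 {% endif %}
 
 {% if krb5 %}
 account [success=2 default=ignore] pam_krb5.so {{ krb5_params }}
 {% endif %}
+
+{% if homed %}
+account [success=1 default=ignore] pam_systemd_home.so
+{% endif %}
+
 account required pam_unix.so {{ debug|default('', true) }}
 account required pam_faillock.so
 
@@ -37,6 +47,10 @@ password required pam_pwhistory.so use_authtok remember=5 retry=3
 password [success=1 default=ignore] pam_krb5.so {{ krb5_params }}
 {% endif %}
 
+{% if homed %}
+password [success=1 default=ignore] pam_systemd_home.so
+{% endif %}
+
 {% if passwdqc or pwquality %}
 password required pam_unix.so try_first_pass {{ unix_authtok|default('', true) }} {{ nullok|default('', true) }} {{ unix_extended_encryption|default('', true) }} {{ debug|default('', true) }}
 {% else %}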
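Review bot: The `{% else %}` branch of the auth block spells the pam_unix option `try_first_pas`, so every stack generated without `--homed` hands pam_unix an option it should not recognise and no longer reuses a password collected by an earlier module; the line should end in `try_first_pass`, as the removed line did. With `homed` set, the extra `pam_systemd_home.so` line also lengthens the run that `auth [success=3 default=ignore] pam_krb5.so` (the line named in the hunk header) jumps over, so if that line sits directly above this hunk a successful Kerberos login would land on `pam_faillock.so authfail` with `default=die`. Its count would need to be 4 in the homed case, and the `success=` counts on the account and password pam_krb5 lines here and on the session one in templates/system-session.tpl deserve the same check, since each now skips a different module than before. The `pam_cap.so` line also lost its leading `-`, which looks unrelated to homed and means a missing module will now be logged by libpam; confirm that was intended.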
77 diff --git a/templates/system-session.tpl b/templates/system-session.tpl
78 index 2a7024b..536db49 100644
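--- a/templates/system-session.tpl
+++ b/templates/system-session.tpl
@@ -8,4 +8,8 @@ session optional pam_mktemp.so
 session [success=1 default=ignore] pam_krb5.so {{ krb5_params }}
 {% endif %}
 
+{% if homed %}
+session [success=1 default=ignore] pam_systemd_home.so
+{% endif %}
+
 session required pam_unix.so {{ debug|default('', true) }}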