From 3391ef078ab86d3160b5e2fb3cfb794b75ce2a76 Mon Sep 17 00:00:00 2001
From: root <root@rshg054.dnsready.net>
Date: Thu, 1 Aug 2013 02:03:26 -0700
Subject: Thu Aug  1 02:01:53 PDT 2013

---
 extra/gdm/arch-pam.patch | 179 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 179 insertions(+)
 create mode 100644 extra/gdm/arch-pam.patch

(limited to 'extra/gdm/arch-pam.patch')

diff --git a/extra/gdm/arch-pam.patch b/extra/gdm/arch-pam.patch
new file mode 100644
index 000000000..1faa2b90b
--- /dev/null
+++ b/extra/gdm/arch-pam.patch
@@ -0,0 +1,179 @@
+diff --git c/configure.ac i/configure.ac
+index bda20c6..e118101 100644
+--- c/configure.ac
++++ i/configure.ac
+@@ -185,12 +185,13 @@ if test x$enable_split_authentication = xyes; then
+ fi
+ 
+ AC_ARG_WITH(default-pam-config,
+-	    AS_HELP_STRING([--with-default-pam-config: One of redhat, openembedded, exherbo, lfs, none @<:@default=auto@:>@]))
++	    AS_HELP_STRING([--with-default-pam-config: One of redhat, openembedded, exherbo, lfs, arch, none @<:@default=auto@:>@]))
+ dnl If not given, try autodetecting from release files (see NetworkManager source) 
+ if test x$with_default_pam_config = x; then
+ 	AC_CHECK_FILE(/etc/redhat-release,with_default_pam_config="redhat")
+ 	AC_CHECK_FILE(/etc/fedora-release,with_default_pam_config="redhat")
+ 	AC_CHECK_FILE(/etc/exherbo-release,with_default_pam_config="exherbo")
++	AC_CHECK_FILE(/etc/arch-release,with_default_pam_config="arch")
+ 	AC_CHECK_FILE(/etc/lfs-release,with_default_pam_config="lfs")
+ 	dnl If not autodetected, default to none
+ 	if test x$with_default_pam_config = x; then
+@@ -198,7 +199,7 @@ if test x$with_default_pam_config = x; then
+ 	fi
+ fi
+ case x$with_default_pam_config in
+-     xredhat|xopenembedded|xexherbo|xlfs|xnone) ;;
++     xredhat|xopenembedded|xexherbo|xlfs|xarch|xnone) ;;
+      *)
+        AC_MSG_ERROR([Invalid --with-default-pam-config ${with_default_pam_config}])
+        exit 1
+@@ -208,6 +209,7 @@ AM_CONDITIONAL(ENABLE_REDHAT_PAM_CONFIG, test x$with_default_pam_config = xredha
+ AM_CONDITIONAL(ENABLE_OPENEMBEDDED_PAM_CONFIG, test x$with_default_pam_config = xopenembedded)
+ AM_CONDITIONAL(ENABLE_EXHERBO_PAM_CONFIG, test x$with_default_pam_config = xexherbo)
+ AM_CONDITIONAL(ENABLE_LFS_PAM_CONFIG, test x$with_default_pam_config = xlfs)
++AM_CONDITIONAL(ENABLE_ARCH_PAM_CONFIG, test x$with_default_pam_config = xarch)
+ 
+ AC_ARG_ENABLE(console-helper,
+ 	      AS_HELP_STRING([--enable-console-helper],
+diff --git c/data/Makefile.am i/data/Makefile.am
+index 81eb8ef..6a67433 100644
+--- c/data/Makefile.am
++++ i/data/Makefile.am
+@@ -129,6 +129,15 @@ pam_lfs_files = pam-lfs/gdm.pam			\
+ 	$(NULL)
+ EXTRA_DIST += $(pam_lfs_files)
+ 
++pam_arch_files = pam-arch/gdm-autologin.pam	\
++	pam-arch/gdm-launch-environment.pam	\
++	pam-arch/gdm-fingerprint.pam		\
++	pam-arch/gdm-smartcard.pam		\
++	pam-arch/gdm-password.pam		\
++	pam-arch/gdm-pin.pam			\
++	$(NULL)
++EXTRA_DIST += $(pam_arch_files)
++
+ if ENABLE_REDHAT_PAM_CONFIG
+ pam_files = $(pam_redhat_files)
+ endif
+@@ -141,6 +150,9 @@ endif
+ if ENABLE_LFS_PAM_CONFIG
+ pam_files = $(pam_lfs_files)
+ endif
++if ENABLE_ARCH_PAM_CONFIG
++pam_files = $(pam_arch_files)
++endif
+ 
+ EXTRA_DIST +=			\
+ 	$(schemas_in_files)	\
+diff --git c/data/pam-arch/gdm-autologin.pam i/data/pam-arch/gdm-autologin.pam
+new file mode 100644
+index 0000000..de615ef
+--- /dev/null
++++ i/data/pam-arch/gdm-autologin.pam
+@@ -0,0 +1,13 @@
++auth     required  pam_tally.so onerr=succeed file=/var/log/faillog
++auth     required  pam_shells.so
++auth     requisite pam_nologin.so
++auth     required  pam_env.so
++auth     optional  pam_permit.so
++auth     optional  pam_gnome_keyring.so
++
++account  include   system-local-login
++
++password include   system-local-login
++
++session  include   system-local-login
++session  optional  pam_gnome_keyring.so auto_start
+diff --git c/data/pam-arch/gdm-fingerprint.pam i/data/pam-arch/gdm-fingerprint.pam
+new file mode 100644
+index 0000000..f296ae0
+--- /dev/null
++++ i/data/pam-arch/gdm-fingerprint.pam
+@@ -0,0 +1,15 @@
++auth     required  pam_tally.so onerr=succeed file=/var/log/faillog
++auth     required  pam_shells.so
++auth     requisite pam_nologin.so
++auth     required  pam_env.so
++auth     required  pam_fprintd.so
++auth     optional  pam_permit.so
++auth     optional  pam_gnome_keyring.so
++
++account  include   system-local-login
++
++password required  pam_fprintd.so
++password optional  pam_permit.so
++
++session  include   system-local-login
++session  optional  pam_gnome_keyring.so auto_start
+diff --git c/data/pam-arch/gdm-launch-environment.pam i/data/pam-arch/gdm-launch-environment.pam
+new file mode 100644
+index 0000000..6dfbc51
+--- /dev/null
++++ i/data/pam-arch/gdm-launch-environment.pam
+@@ -0,0 +1,13 @@
++auth     required  pam_succeed_if.so audit quiet_success user = gdm
++auth     required  pam_env.so
++auth     optional  pam_permit.so
++
++account  required  pam_succeed_if.so audit quiet_success user = gdm
++account  include   system-local-login
++
++password required  pam_deny.so
++
++session  required  pam_succeed_if.so audit quiet_success user = gdm
++session  required  pam_systemd.so
++session  optional  pam_keyinit.so force revoke
++session  optional  pam_permit.so
+diff --git c/data/pam-arch/gdm-password.pam i/data/pam-arch/gdm-password.pam
+new file mode 100644
+index 0000000..7411285
+--- /dev/null
++++ i/data/pam-arch/gdm-password.pam
+@@ -0,0 +1,9 @@
++auth     include   system-local-login
++auth     optional  pam_gnome_keyring.so
++
++account  include   system-local-login
++
++password include   system-local-login
++
++session  include   system-local-login
++session  optional  pam_gnome_keyring.so auto_start
+diff --git c/data/pam-arch/gdm-pin.pam i/data/pam-arch/gdm-pin.pam
+new file mode 100644
+index 0000000..e024244
+--- /dev/null
++++ i/data/pam-arch/gdm-pin.pam
+@@ -0,0 +1,11 @@
++auth     requisite pam_pin.so
++auth     include   system-local-login
++auth     optional  pam_gnome_keyring.so
++
++account  include   system-local-login
++
++password include   system-local-login
++password optional  pam_pin.so
++
++session  include   system-local-login
++session  optional  pam_gnome_keyring.so auto_start
+diff --git c/data/pam-arch/gdm-smartcard.pam i/data/pam-arch/gdm-smartcard.pam
+new file mode 100644
+index 0000000..7c3d736
+--- /dev/null
++++ i/data/pam-arch/gdm-smartcard.pam
+@@ -0,0 +1,15 @@
++auth     required  pam_tally.so onerr=succeed file=/var/log/faillog
++auth     required  pam_shells.so
++auth     requisite pam_nologin.so
++auth     required  pam_env.so
++auth     required  pam_pkcs11.so wait_for_card card_only
++auth     optional  pam_permit.so
++auth     optional  pam_gnome_keyring.so
++
++account  include   system-local-login
++
++password required  pam_pkcs11.so
++password optional  pam_permit.so
++
++session  include   system-local-login
++session  optional  pam_gnome_keyring.so auto_start
+
-- 
cgit v1.2.3-54-g00ecf