summaryrefslogtreecommitdiff
path: root/user/sddm/autologin-pam.patch
diff options
context:
space:
mode:
Diffstat (limited to 'user/sddm/autologin-pam.patch')
-rw-r--r--user/sddm/autologin-pam.patch80
1 files changed, 80 insertions, 0 deletions
diff --git a/user/sddm/autologin-pam.patch b/user/sddm/autologin-pam.patch
new file mode 100644
index 000000000..bb4560b69
--- /dev/null
+++ b/user/sddm/autologin-pam.patch
@@ -0,0 +1,80 @@
+From a6280bde181c72811ab5dd0eb525f112ac72099f Mon Sep 17 00:00:00 2001
+From: Aleix Pol <aleixpol@kde.org>
+Date: Thu, 24 Jun 2021 17:08:10 +0200
+Subject: [PATCH] pam: Do not use tally2 if faillock is present
+
+From pam 1.4.0 release notes:
+
+Deprecated pam_tally and pam_tally2: these modules are no longer built
+by default and will be removed in the next release, use pam_faillock
+instead.
+https://github.com/linux-pam/linux-pam/releases/tag/v1.4.0
+
+Fixes #1313
+---
+ cmake/FindPAM.cmake | 1 +
+ services/CMakeLists.txt | 6 +++++-
+ services/sddm-autologin-tally2.pam | 13 +++++++++++++
+ services/sddm-autologin.pam | 2 +-
+ 4 files changed, 20 insertions(+), 2 deletions(-)
+ create mode 100755 services/sddm-autologin-tally2.pam
+
+diff --git a/cmake/FindPAM.cmake b/cmake/FindPAM.cmake
+index f209c0b46..a64680bea 100644
+--- a/cmake/FindPAM.cmake
++++ b/cmake/FindPAM.cmake
+@@ -13,6 +13,7 @@ endif (PAM_INCLUDE_DIR AND PAM_LIBRARY)
+ find_path(PAM_INCLUDE_DIR NAMES security/pam_appl.h pam/pam_appl.h)
+ find_library(PAM_LIBRARY pam)
+ find_library(DL_LIBRARY dl)
++find_library(HAVE_PAM_FAILLOCK NAME pam_faillock.so PATH_SUFFIXES security)
+
+ if (PAM_INCLUDE_DIR AND PAM_LIBRARY)
+ set(PAM_FOUND TRUE)
+diff --git a/services/CMakeLists.txt b/services/CMakeLists.txt
+index fbf760895..6e4fa0f93 100644
+--- a/services/CMakeLists.txt
++++ b/services/CMakeLists.txt
+@@ -10,6 +10,10 @@ else()
+ endif()
+ configure_file("${CMAKE_CURRENT_SOURCE_DIR}/sddm-greeter.pam.in" "${CMAKE_CURRENT_BINARY_DIR}/sddm-greeter.pam")
+
++if(HAVE_PAM_FAILLOCK)
++ install(FILES sddm-autologin.pam DESTINATION ${CMAKE_INSTALL_FULL_SYSCONFDIR}/pam.d RENAME sddm-autologin)
++else()
++ install(FILES sddm-autologin-tally2.pam DESTINATION ${CMAKE_INSTALL_FULL_SYSCONFDIR}/pam.d RENAME sddm-autologin)
++endif()
+ install(FILES sddm.pam DESTINATION ${CMAKE_INSTALL_FULL_SYSCONFDIR}/pam.d RENAME sddm)
+-install(FILES sddm-autologin.pam DESTINATION ${CMAKE_INSTALL_FULL_SYSCONFDIR}/pam.d RENAME sddm-autologin)
+ install(FILES "${CMAKE_CURRENT_BINARY_DIR}/sddm-greeter.pam" DESTINATION ${CMAKE_INSTALL_FULL_SYSCONFDIR}/pam.d RENAME sddm-greeter)
+diff --git a/services/sddm-autologin-tally2.pam b/services/sddm-autologin-tally2.pam
+new file mode 100755
+index 000000000..99729bc9b
+--- /dev/null
++++ b/services/sddm-autologin-tally2.pam
+@@ -0,0 +1,13 @@
++#%PAM-1.0
++auth required pam_env.so
++auth required pam_tally2.so file=/var/log/tallylog onerr=succeed
++auth required pam_shells.so
++auth required pam_nologin.so
++auth required pam_permit.so
++-auth optional pam_gnome_keyring.so
++-auth optional pam_kwallet5.so
++account include system-local-login
++password include system-local-login
++session include system-local-login
++-session optional pam_gnome_keyring.so auto_start
++-session optional pam_kwallet5.so auto_start
+diff --git a/services/sddm-autologin.pam b/services/sddm-autologin.pam
+index 99729bc9b..b42991e38 100755
+--- a/services/sddm-autologin.pam
++++ b/services/sddm-autologin.pam
+@@ -1,6 +1,6 @@
+ #%PAM-1.0
+ auth required pam_env.so
+-auth required pam_tally2.so file=/var/log/tallylog onerr=succeed
++auth required pam_faillock.so preauth
+ auth required pam_shells.so
+ auth required pam_nologin.so
+ auth required pam_permit.so
generated by cgit v1.2.3-60-g2f50 (git 2.42.0) at 2024-06-18 12:52:16 +0000