From c4c3bd4e7f1b59ae836d687305aeb2dbd5bb5d1c Mon Sep 17 00:00:00 2001 From: Erich Eckner Date: Thu, 17 Jun 2021 22:28:32 +0200 Subject: pambase-no-systemd-home: 20200721.1-2.1 -> 20210605-2.1 --- pambase-no-systemd-home/PKGBUILD | 5 +++-- pambase-no-systemd-home/system-auth | 23 +++++++++++++++++++++++ pambase-no-systemd-home/system-auth.patch | 16 ++++------------ 3 files changed, 30 insertions(+), 14 deletions(-) create mode 100644 pambase-no-systemd-home/system-auth (limited to 'pambase-no-systemd-home') diff --git a/pambase-no-systemd-home/PKGBUILD b/pambase-no-systemd-home/PKGBUILD index dc4c9eed7..c2662ccbd 100644 --- a/pambase-no-systemd-home/PKGBUILD +++ b/pambase-no-systemd-home/PKGBUILD @@ -2,11 +2,12 @@ arch=('any') pkgname=pambase-no-systemd-home -pkgver=20200721.1 +pkgver=20210605 pkgrel=2.1 source=("http://ftp.gwdg.de/pub/linux/archlinux/core/os/x86_64/pambase-$pkgver-${pkgrel%.*}-any.pkg.tar.zst" system-auth.patch) -sha512sums=('44fcf1a087d76209a5299267d090a84a907a5afd300394b0e7b53961ec41091e3ef28309efcc0ee1c1fce306363eb38f5d4ec424c6a6955feb5c1a5a9c1bbfc9' SKIP) +sha512sums=('f884f32d265f4920cb237c6258a4eda907e5a9b332eb44b0d0b489a8126c6c93e11fdf7f45cdfe205994b686f1d41984b78a03e60fd484c888e4da943207f621' + '1577816a179dd7c5e460cf673022a5cc7bb3ffadcbbb6b00e2452587e39a8b184692e4517c4d43018a6e28d185397a2adcf0aed3744f773d77e41e37871875f8') provides=("pambase=$pkgver-${pkgrel%.*}") conflicts=('pambase') diff --git a/pambase-no-systemd-home/system-auth b/pambase-no-systemd-home/system-auth new file mode 100644 index 000000000..cd721bf00 --- /dev/null +++ b/pambase-no-systemd-home/system-auth @@ -0,0 +1,23 @@ +#%PAM-1.0 + +auth required pam_faillock.so preauth +# Optionally use requisite above if you do not want to prompt for the password +# on locked accounts. +auth [success=2 default=ignore] pam_unix.so try_first_pass nullok +auth [default=die] pam_faillock.so authfail +auth optional pam_permit.so +auth required pam_env.so +auth required pam_faillock.so authsucc +# If you drop the above call to pam_faillock.so the lock will be done also +# on non-consecutive authentication failures. + +account required pam_unix.so +account optional pam_permit.so +account required pam_time.so + +password required pam_unix.so try_first_pass nullok shadow sha512 +password optional pam_permit.so + +session required pam_limits.so +session required pam_unix.so +session optional pam_permit.so diff --git a/pambase-no-systemd-home/system-auth.patch b/pambase-no-systemd-home/system-auth.patch index 4b5693abf..e890a2093 100644 --- a/pambase-no-systemd-home/system-auth.patch +++ b/pambase-no-systemd-home/system-auth.patch @@ -1,14 +1,6 @@ ---- a/etc/pam.d/system-auth 2020-09-14 08:25:11.975622583 +0200 -+++ b/etc/pam.d/system-auth 2020-09-14 08:25:11.980977471 +0200 -@@ -4,7 +4,6 @@ - # Optionally use requisite above if you do not want to prompt for the password - # on locked accounts. - auth [success=2 default=ignore] pam_unix.so try_first_pass nullok ---auth [success=1 default=ignore] pam_systemd_home.so - auth [default=die] pam_faillock.so authfail - auth optional pam_permit.so - auth required pam_env.so -@@ -12,12 +11,10 @@ +--- a/etc/pam.d/system-auth 2021-06-17 18:57:25.959996395 +0200 ++++ b/etc/pam.d/system-auth 2021-06-17 18:58:31.533329725 +0200 +@@ -11,12 +11,10 @@ # If you drop the above call to pam_faillock.so the lock will be done also # on non-consecutive authentication failures. @@ -18,6 +10,6 @@ account required pam_time.so --password [success=1 default=ignore] pam_systemd_home.so - password required pam_unix.so try_first_pass nullok shadow + password required pam_unix.so try_first_pass nullok shadow sha512 password optional pam_permit.so -- cgit v1.2.3-54-g00ecf