From 2cfe54ce62a8edcc412082fffdc9d1c57414d6f2 Mon Sep 17 00:00:00 2001 From: Kalev Lember Date: Thu, 17 May 2018 16:30:05 +0200 Subject: [PATCH] Drop an unused patch --- fix-autologin.patch | 154 -------------------------------------------- 1 file changed, 154 deletions(-) delete mode 100644 fix-autologin.patch diff --git a/fix-autologin.patch b/fix-autologin.patch deleted file mode 100644 index f20a316..0000000 --- a/fix-autologin.patch +++ /dev/null @@ -1,154 +0,0 @@ -From 0a7779b47319eb47b4d5d51f6eb653434c204c29 Mon Sep 17 00:00:00 2001 -From: Ray Strode -Date: Tue, 30 Aug 2016 16:10:19 -0400 -Subject: [PATCH 1/2] pam_gdm: return AUTHINFO_UNAVAIL if kernel keyring - unavailable - -right now we return PAM_SUCCESS if keyutils are unavailable. -This is the wrong default, we should fail if we aren't able to -get the password. - -https://bugzilla.gnome.org/show_bug.cgi?id=770612 ---- - pam_gdm/pam_gdm.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/pam_gdm/pam_gdm.c b/pam_gdm/pam_gdm.c -index 7beb04e..f491b8d 100644 ---- a/pam_gdm/pam_gdm.c -+++ b/pam_gdm/pam_gdm.c -@@ -31,61 +31,61 @@ - #include - #endif - - int - pam_sm_authenticate (pam_handle_t *pamh, - int flags, - int argc, - const char **argv) - { - #ifdef HAVE_KEYUTILS - int r; - void *cached_password = NULL; - key_serial_t serial; - - serial = find_key_by_type_and_desc ("user", "cryptsetup", 0); - if (serial == 0) - return PAM_AUTHINFO_UNAVAIL; - - r = keyctl_read_alloc (serial, &cached_password); - if (r < 0) - return PAM_AUTHINFO_UNAVAIL; - - r = pam_set_item (pamh, PAM_AUTHTOK, cached_password); - - free (cached_password); - - if (r < 0) - return PAM_AUTH_ERR; - #endif - -- return PAM_SUCCESS; -+ return PAM_AUTHINFO_UNAVAIL; - } - - int - pam_sm_setcred (pam_handle_t *pamh, - int flags, - int argc, - const char **argv) - { - return PAM_SUCCESS; - } - - int - pam_sm_acct_mgmt (pam_handle_t *pamh, - int flags, - int argc, - const char **argv) - { - return PAM_SUCCESS; - } - - int - pam_sm_chauthtok (pam_handle_t *pamh, - int flags, - int argc, - const char **argv) - { - return PAM_SUCCESS; - } - - int --- -2.7.4 - - -From 5716de2c0ec11a77c279c6952ea76d173d46b0e3 Mon Sep 17 00:00:00 2001 -From: Ray Strode -Date: Tue, 30 Aug 2016 15:58:15 -0400 -Subject: [PATCH 2/2] pam: don't call into pam_unix if pam_gdm fails for - autolgoin - -If pam_gdm fails we shouldn't call into pam_unix since it can lead -to the system asking for a password, and autologin isn't equipped for -that. - -This commit changes the pam configuration to jump to pam_permit if -pam_gdm fails. - -https://bugzilla.gnome.org/show_bug.cgi?id=770612 ---- - data/pam-exherbo/gdm-autologin.pam | 4 ++-- - data/pam-redhat/gdm-autologin.pam | 2 +- - 2 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/data/pam-exherbo/gdm-autologin.pam b/data/pam-exherbo/gdm-autologin.pam -index afde048..61f8e54 100644 ---- a/data/pam-exherbo/gdm-autologin.pam -+++ b/data/pam-exherbo/gdm-autologin.pam -@@ -1,15 +1,15 @@ - # mirrors system-auth / system(-local)-login - # except for the authentication method, which is: - # always permit login - --auth optional pam_gdm.so -+auth [success=ok default=2] pam_gdm.so - auth substack system-local-login --auth sufficient pam_permit.so - -auth optional pam_gnome_keyring.so -+auth sufficient pam_permit.so - - account include system-local-login - - password include system-local-login - - session include system-local-login - -session optional pam_gnome_keyring.so auto_start -diff --git a/data/pam-redhat/gdm-autologin.pam b/data/pam-redhat/gdm-autologin.pam -index c2efea8..fbc9d9c 100644 ---- a/data/pam-redhat/gdm-autologin.pam -+++ b/data/pam-redhat/gdm-autologin.pam -@@ -1,18 +1,18 @@ - #%PAM-1.0 --auth optional pam_gdm.so -+auth [success=ok default=2] pam_gdm.so - auth substack password-auth - auth optional pam_gnome_keyring.so - auth sufficient pam_permit.so - auth include postlogin - account required pam_nologin.so - account include system-auth - password include system-auth - session required pam_selinux.so close - session required pam_loginuid.so - session optional pam_console.so - session required pam_selinux.so open - session optional pam_keyinit.so force revoke - session required pam_namespace.so - session include system-auth - session optional pam_gnome_keyring.so auto_start - session include postlogin --- -2.7.4 -