2014-07-29 13:01:51 +02:00
|
|
|
# This file is part of systemd.
|
|
|
|
#
|
|
|
|
# Used by systemd --user instances.
|
Add pam configuration to allow user sessions to work out of the box
systemd-logind will start user@.service. user@.service unit uses
PAM with service name 'systemd-user' to perform account and session
managment tasks. Previously, the name was 'systemd-shared', it is
now changed to 'systemd-user'.
Most PAM installations use one common setup for different callers.
Based on a quick poll, distributions fall into two camps: those that
have system-auth (Redhat, Fedora, CentOS, Arch, Gentoo, Mageia,
Mandriva), and those that have common-auth (Debian, Ubuntu, OpenSUSE).
Distributions that have system-auth have just one configuration file
that contains auth, password, account, and session blocks, and
distributions that have common-auth also have common-session,
common-password, and common-account. It is thus impossible to use one
configuration file which would work for everybody. systemd-user now
refers to system-auth, because it seems that the approach with one
file is more popular and also easier, so let's follow that.
2013-09-11 20:31:14 +02:00
|
|
|
|
2020-05-06 22:25:34 +02:00
|
|
|
m4_ifdef(`ENABLE_HOMED',
|
|
|
|
-account sufficient pam_systemd_home.so
|
|
|
|
)m4_dnl
|
|
|
|
account sufficient pam_unix.so
|
|
|
|
account required pam_permit.so
|
|
|
|
|
2015-09-17 17:15:28 +02:00
|
|
|
m4_ifdef(`HAVE_SELINUX',
|
2016-12-07 20:14:43 +01:00
|
|
|
session required pam_selinux.so close
|
|
|
|
session required pam_selinux.so nottys open
|
2015-09-17 17:15:28 +02:00
|
|
|
)m4_dnl
|
2016-12-07 20:14:43 +01:00
|
|
|
session required pam_loginuid.so
|
|
|
|
session optional pam_keyinit.so force revoke
|
2020-05-06 22:25:34 +02:00
|
|
|
m4_ifdef(`ENABLE_HOMED',
|
|
|
|
-session optional pam_systemd_home.so
|
|
|
|
)m4_dnl
|
2016-10-10 15:40:05 +02:00
|
|
|
session optional pam_systemd.so
|