Some tools in the experimental sub-package cannot be disabled at compile time. Previously, these tools were manually deleted after installation to prevent rpmbuild from reporting unpackaged files. However, as the number of such tools continues to grow, it's simpler to include them in the mini-experimental sub-package. OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1650
26 lines
979 B
Plaintext
26 lines
979 B
Plaintext
# This file is part of systemd.
|
|
#
|
|
# Used by systemd --user instances.
|
|
|
|
# Override the default behavior of the "auth" PAM stack and don't throw a
|
|
# warning each time a user instance is started, which is the default behavior of
|
|
# the PAM stack when no auth is defined. Indeed PID1 calls pam_setcred() when
|
|
# the user instance is about to be started to allow some user services, such as
|
|
# gnome-terminal, to extend theirs credentials similar to the ones received by a
|
|
# user when he logs in (and the full PAM authentication stack is run). For some
|
|
# details, see:
|
|
#
|
|
# https://gitlab.gnome.org/GNOME/gdm/-/issues/393
|
|
# https://github.com/systemd/systemd/issues/11198
|
|
# https://bugzilla.suse.com/show_bug.cgi?id=1190515
|
|
#
|
|
auth required pam_deny.so
|
|
|
|
account include common-account
|
|
|
|
session required pam_selinux.so close
|
|
session required pam_selinux.so nottys open
|
|
session required pam_loginuid.so
|
|
session optional pam_keyinit.so force revoke
|
|
session include common-session
|