diff --git a/systemd-user b/systemd-user
index 3907c885..066515cd 100644
--- a/systemd-user
+++ b/systemd-user
@@ -2,18 +2,19 @@
 #
 # Used by systemd --user instances.
-# This is not about authentication per se (user@.service is a system
-# service anyway) but to give the possibility to user services
-# (especially those like gnome-terminal, see [1]) to have theirs
-# credentials extended similar to the ones received by a user when he
-# logs in (and the full PAM authentication stack is run). See [2] and
-# [3] for details.
+# Override the default behavior of the "auth" PAM stack and don't throw a
+# warning each time a user instance is started, which is the default behavior of
+# the PAM stack when no auth is defined. Indeed PID1 calls pam_setcred() when
+# the user instance is about to be started to allow some user services, such as
+# gnome-terminal, to extend theirs credentials similar to the ones received by a
+# user when he logs in (and the full PAM authentication stack is run). For some
+# details, see:
 #
-# [1] https://gitlab.gnome.org/GNOME/gdm/-/issues/393
-# [2] https://github.com/systemd/systemd/issues/11198
-# [3] https://bugzilla.suse.com/show_bug.cgi?id=1190515
+# https://gitlab.gnome.org/GNOME/gdm/-/issues/393
+# https://github.com/systemd/systemd/issues/11198
+# https://bugzilla.suse.com/show_bug.cgi?id=1190515
 #
-auth include common-auth
+auth required pam_deny.so
 account include common-account
diff --git a/systemd.changes b/systemd.changes
index e87b9a2c..1b31cf54 100644
--- a/systemd.changes
+++ b/systemd.changes
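Review bot: The new header comment above `auth required pam_deny.so` still reads as if user services get their credentials extended, which is the opposite of what the new line does. pam_deny.so fails every call into the auth stack, so the pam_setcred() that PID1 issues for a user instance will establish nothing from common-auth any more. I would say so in the comment, for example `# pam_deny.so makes pam_setcred() fail on purpose: no extra credentials are set up for user instances.`, and keep a short reminder that this also denies any caller that tries to authenticate against this service name. While there, "theirs credentials" should be "their credentials". The rest of the PAM service file (session lines) lies outside the hunk, so whether anything there relied on credentials set by the old auth stack cannot be checked from here.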
@@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Tue Jan 4 08:23:19 UTC 2022 - Franck Bui
+
+- Update systemd-user PAM service again
+
+ Change the default implementation of pam_setcred() again, previously
+ customized to run the full "auth" PAM stack and only call pam_deny.so which is
+ basically the SUSE default behavior without pam_warn.so.
+
+ This is considered safer, especially on SLE where a regression was spotted by
+ QA.
+
 -------------------------------------------------------------------
 Tue Dec 7 12:05:55 UTC 2021 - Ludwig Nussel
diff --git a/systemd.spec b/systemd.spec
index 5e637c0c..616eb386 100644
--- a/systemd.spec
+++ b/systemd.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package systemd
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed