From f95cd3822c81846beadf58637fb7f5d2a5e50751dc46d73cb1f99f52a60537f6 Mon Sep 17 00:00:00 2001
From: Michal Srb <michalsrb@please-enter-an-email-address>
Date: Tue, 24 May 2016 13:17:03 +0000
Subject: [PATCH] - Add /etc/pam.d/vnc configuration and add vnc user to shadow
   group. (bnc#980326)

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/tigervnc?expand=0&rev=86
---
 tigervnc.changes | 6 ++++++
 tigervnc.spec    | 5 +++++
 vnc.pam          | 5 +++++
 3 files changed, 16 insertions(+)
 create mode 100644 vnc.pam

diff --git a/tigervnc.changes b/tigervnc.changes
index 418bdac..59e7567 100644
--- a/tigervnc.changes
+++ b/tigervnc.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Tue May 24 12:46:07 UTC 2016 - msrb@suse.com
+
+- Add /etc/pam.d/vnc configuration and add vnc user to shadow
+  group. (bnc#980326)
+
 -------------------------------------------------------------------
 Fri Apr 29 14:13:22 UTC 2016 - msrb@suse.com
 
diff --git a/tigervnc.spec b/tigervnc.spec
index 5dbaa78..c302225 100644
--- a/tigervnc.spec
+++ b/tigervnc.spec
@@ -107,6 +107,7 @@ Source6:        vnc-httpd.firewall
 Source7:        vnc_inetd_httpd
 Source8:        vnc.reg
 Source9:        vncpasswd.arg
+Source10:       vnc.pam
 Patch1:         tigervnc-newfbsize.patch
 Patch2:         tigervnc-clean-pressed-key-on-exit.patch
 Patch3:         u_tigervnc-ignore-epipe-on-write.patch
@@ -246,6 +247,7 @@ install -D -m 644 %{SOURCE6} $RPM_BUILD_ROOT/etc/sysconfig/SuSEfirewall2.d/servi
 install -D -m 755 %{SOURCE7} $RPM_BUILD_ROOT%{_bindir}/vnc_inetd_httpd
 install -D -m 644 %{SOURCE8} $RPM_BUILD_ROOT/etc/slp.reg.d/vnc.reg
 install -D -m 755 %{SOURCE9} $RPM_BUILD_ROOT%{_bindir}/vncpasswd.arg
+install -D -m 644 %{SOURCE10} $RPM_BUILD_ROOT/etc/pam.d/vnc
 %if 0%{?suse_version} >= 1315
 ln -s -f %{_sysconfdir}/alternatives/vncviewer $RPM_BUILD_ROOT%{_bindir}/vncviewer
 ln -s -f %{_sysconfdir}/alternatives/vncviewer.1.gz $RPM_BUILD_ROOT%{_mandir}/man1/vncviewer.1.gz
@@ -260,6 +262,7 @@ rm -rf $RPM_BUILD_ROOT/usr/share/doc/tigervnc-*
 %pre -n xorg-x11-Xvnc
 getent group %{vncgroup} > /dev/null || groupadd -r %{vncgroup} || :
 getent passwd %{vncuser} > /dev/null || useradd -r -g %{vncgroup} -d /var/lib/empty -s /sbin/nologin -c "user for VNC" %{vncuser} || :
+usermod -G shadow -a %{vncuser} || :
 
 %post -n xorg-x11-Xvnc
 if ! test -e %{tlskey} ; then
@@ -346,6 +349,8 @@ fi
 %dir /etc/slp.reg.d
 %config(noreplace) /etc/slp.reg.d/vnc.reg
 
+%config %{_sysconfdir}/pam.d/vnc
+
 %exclude /usr/lib/debug/*
 %exclude /usr/lib/debug/.*
 %exclude /usr/src/debug
diff --git a/vnc.pam b/vnc.pam
new file mode 100644
index 0000000..fef9dd4
--- /dev/null
+++ b/vnc.pam
@@ -0,0 +1,5 @@
+#%PAM-1.0
+auth     include        common-auth
+account  include        common-account
+password include        common-password
+session  include        common-session