systemd

Commit Graph

Author	SHA1	Message	Date
Zbigniew Jędrzejewski-Szmek	2a3fc2e21f	Use upstream pam systemd-auth file with a patch, add pam_keyinit This file changes rarely, but it does every one in a while. And since we have an independent copy, we forget to adjust it. We have had already two bugs because of this. I submitted a PR upstream to include pam_namespace (because that makes sense for all distros), so the diff between upstream and us now is just the inclusion of system-auth (which is not upstreamable). Effectively, the only difference right now is that 'pam_keyinit force revoke' is included. It was added upstream with the comment: We want that systemd --user gets its own keyring as usual, even if the barebones PAM snippet we ship upstream is used. If we don't do this we get the basic keyring systemd --system sets up for us.	2022-12-14 22:35:52 +01:00

Author

SHA1

Message

Date

Zbigniew Jędrzejewski-Szmek

2a3fc2e21f

Use upstream pam systemd-auth file with a patch, add pam_keyinit

This file changes rarely, but it does every one in a while. And since we have an
independent copy, we forget to adjust it. We have had already two bugs because
of this. I submitted a PR upstream to include pam_namespace (because that makes
sense for all distros), so the diff between upstream and us now is just the
inclusion of system-auth (which is not upstreamable).

Effectively, the only difference right now is that 'pam_keyinit force revoke'
is included. It was added upstream with the comment:

   We want that systemd --user gets its own keyring as usual, even if the
   barebones PAM snippet we ship upstream is used. If we don't do this we get
   the basic keyring systemd --system sets up for us.

2022-12-14 22:35:52 +01:00

1 Commits