Age | Commit message (Collapse) | Author |
|
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
pam-syslog is a linux-pam extension and does not exist in openpam, so
revert to elog
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
since we now assure that XDG_RUNTIME_DIR is set in the pam environment,
we can handle the lock file in there instead, which makes way more sense
for me at least.
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
openrc-pam now sets XDG_RUNTIME_DIR in case it's unset.
after running openrc --user, it'll look at ${XDG_RUNTIME_DIR}/openrc/env
for exported variables by services, and only set those allowed by
RC_USER_ENV_WHITELIST and RC_USER_ENV_WHITELIST_D.
this is to protect pam from variables being set under user control that
could mess with other modules.
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Using whatever is left by the root user causes some login shells
(such as Zsh on Artix Linux) to only load `/etc/profile{.d/*}`
and not the user-defined `~/.profile`. This is not ideal as we
rely on the user to tell us where some paths, such as
`$XDG_CONFIG_PATH` and `$XDG_CACHE_PATH`, are.
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
this allows system administrators to define which runlevels to use,
could permit them for example, to include the module in another pam file
to customize when user scripts are auto-started, for example, allowing
users to define a 'remote' runlevel that would be executed in a ssh
login
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
the module gets the pam user and executes a new login shell, in order to
load the user's environment. this requires that the user's login shell
supports `-c` as an option to run a command. all shells that i know of
do.
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|