File pam-config-add-systemd_home-support.patch of Package pam-config.35789
diff -Pdpru pam-config-1.1/src/Makefile.am pam-config-1.1.new/src/Makefile.am
--- pam-config-1.1/src/Makefile.am 2019-03-20 15:05:36.000000000 +0100
+++ pam-config-1.1.new/src/Makefile.am 2023-10-18 17:22:55.569811324 +0200
@@ -31,6 +31,7 @@ pam_config_SOURCES = pam-config.c load_c
mod_pam_csync.c mod_pam_fp.c mod_pam_fprint.c mod_pam_pwhistory.c \
mod_pam_selinux.c mod_pam_gnome_keyring.c mod_pam_passwdqc.c \
mod_pam_exec.c mod_pam_sss.c mod_pam_fprintd.c mod_pam_systemd.c \
+ mod_pam_systemd_home.c \
mod_pam_ecryptfs.c mod_pam_access.c mod_pam_google_authenticator.c \
mod_pam_kwallet5.c mod_pam_keyinit.c mod_pam_mktemp.c
diff -Pdpru pam-config-1.1/src/Makefile.in pam-config-1.1.new/src/Makefile.in
--- pam-config-1.1/src/Makefile.in 2019-07-16 12:46:57.000000000 +0200
+++ pam-config-1.1.new/src/Makefile.in 2023-10-18 17:26:19.335823523 +0200
@@ -131,7 +131,8 @@ am_pam_config_OBJECTS = pam-config.$(OBJ
mod_pam_selinux.$(OBJEXT) mod_pam_gnome_keyring.$(OBJEXT) \
mod_pam_passwdqc.$(OBJEXT) mod_pam_exec.$(OBJEXT) \
mod_pam_sss.$(OBJEXT) mod_pam_fprintd.$(OBJEXT) \
- mod_pam_systemd.$(OBJEXT) mod_pam_ecryptfs.$(OBJEXT) \
+ mod_pam_systemd.$(OBJEXT) mod_pam_systemd_home.$(OBJEXT) \
+ mod_pam_ecryptfs.${OBJEXT} \
mod_pam_access.$(OBJEXT) \
mod_pam_google_authenticator.$(OBJEXT) \
mod_pam_kwallet5.$(OBJEXT) mod_pam_keyinit.$(OBJEXT) \
@@ -363,6 +364,7 @@ pam_config_SOURCES = pam-config.c load_c
mod_pam_csync.c mod_pam_fp.c mod_pam_fprint.c mod_pam_pwhistory.c \
mod_pam_selinux.c mod_pam_gnome_keyring.c mod_pam_passwdqc.c \
mod_pam_exec.c mod_pam_sss.c mod_pam_fprintd.c mod_pam_systemd.c \
+ mod_pam_systemd_home.c \
mod_pam_ecryptfs.c mod_pam_access.c mod_pam_google_authenticator.c \
mod_pam_kwallet5.c mod_pam_keyinit.c mod_pam_mktemp.c
@@ -510,6 +512,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_pam_sss.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_pam_succeed_if.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_pam_systemd.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_pam_systemd_home.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_pam_thinkfinger.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_pam_time.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_pam_umask.Po@am__quote@
diff -Pdpru pam-config-1.1/src/mod_pam_systemd_home.c pam-config-1.1.new/src/mod_pam_systemd_home.c
--- pam-config-1.1/src/mod_pam_systemd_home.c 1970-01-01 01:00:00.000000000 +0100
+++ pam-config-1.1.new/src/mod_pam_systemd_home.c 2023-10-18 17:15:13.822236361 +0200
@@ -0,0 +1,117 @@
+/* Copyright (C) 2021 SUSE LLC
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License version 2 as
+ published by the Free Software Foundation.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software Foundation,
+ Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <string.h>
+#include <ctype.h>
+#include <stdlib.h>
+
+#include "pam-config.h"
+#include "pam-module.h"
+
+static int
+write_config_systemd_home (pam_module_t *this, enum write_type op, FILE *fp)
+{
+ option_set_t *opt_set = this->get_opt_set (this, op);
+ char *opt;
+
+ if (debug)
+ debug_write_call (this, op);
+
+ if (!opt_set->is_enabled (opt_set, "is_enabled"))
+ return 0;
+
+ switch (op)
+ {
+ case AUTH:
+ fprintf (fp, "auth\tsufficient\tpam_systemd_home.so");
+ break;
+ case ACCOUNT:
+ fprintf (fp, "account\tsufficient\tpam_systemd_home.so");
+ break;
+ case PASSWORD:
+ fprintf (fp, "password\tsufficient\tpam_systemd_home.so");
+ break;
+ case SESSION:
+ fprintf (fp, "session\toptional\tpam_systemd_home.so");
+ break;
+ }
+
+ if (opt_set->is_enabled (opt_set, "debug"))
+ fprintf(fp, " debug");
+ if ((opt = opt_set->get_opt (opt_set, "suspend")))
+ fprintf(fp, " suspend=%s",opt);
+
+ fprintf(fp, "\n");
+ return 0;
+
+}
+
+static int
+parse_config_systemd_home (pam_module_t *this, char *args, write_type_t type)
+{
+ option_set_t *opt_set = this->get_opt_set (this, type);
+
+ if (debug)
+ printf ("**** parse_config_%s (%s): '%s'\n", this->name,
+ type2string (type), args ? args : "");
+
+ opt_set->enable (opt_set, "is_enabled", TRUE);
+
+ while (args && strlen (args) > 0)
+ {
+ char *cp = strsep (&args, " \t");
+
+ if (args)
+ while (isspace ((int) *args))
+ ++args;
+
+ if (strcmp (cp, "debug") == 0)
+ opt_set->enable (opt_set, "debug", TRUE);
+ else if (strncmp (cp, "suspend=", 8) == 0)
+ opt_set->set_opt (opt_set, "suspend", strdup(&cp[8]));
+ else
+ print_unknown_option_error ("pam_systemd_home.so", cp);
+ }
+ return 1;
+}
+
+GETOPT_START_ALL
+GETOPT_END_ALL
+
+PRINT_ARGS("systemd_home")
+PRINT_XMLHELP("systemd_home")
+
+/* ---- contruct module object ---- */
+DECLARE_BOOL_OPTS_2 (is_enabled, debug);
+DECLARE_STRING_OPTS_1 (suspend);
+DECLARE_OPT_SETS;
+
+static module_helptext_t helptext[] = {{NULL, NULL, NULL}};
+
+
+/* at last construct the complete module object */
+pam_module_t mod_pam_systemd_home = { "pam_systemd_home.so", opt_sets, helptext,
+ &parse_config_systemd_home,
+ &def_print_module,
+ &write_config_systemd_home,
+ &get_opt_set,
+ &getopt,
+ &print_args,
+ &print_xmlhelp};
diff -Pdpru pam-config-1.1/src/pam-config.8.xml pam-config-1.1.new/src/pam-config.8.xml
--- pam-config-1.1/src/pam-config.8.xml 2019-07-16 12:47:04.000000000 +0200
+++ pam-config-1.1.new/src/pam-config.8.xml 2023-10-18 17:15:13.822236361 +0200
@@ -1186,6 +1186,30 @@
</listitem>
</varlistentry>
<varlistentry>
+ <term><option>--systemd_home</option></term>
+ <listitem>
+ <para>
+ Enable/Disable pam_systemd_home.so
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>--systemd_home-debug</option></term>
+ <listitem>
+ <para>
+ Add <option>debug</option> option to all pam_systemd_home.so invocations.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>--systemd_home-suspend=</option><replaceable>value</replaceable></term>
+ <listitem>
+ <para>
+ Add <option>suspend=</option><replaceable>value</replaceable> option to pam_systemd_home.so.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
<term><option>--thinkfinger</option></term>
<listitem>
<para>
diff -Pdpru pam-config-1.1/src/supported-modules.h pam-config-1.1.new/src/supported-modules.h
--- pam-config-1.1/src/supported-modules.h 2019-03-20 15:05:36.000000000 +0100
+++ pam-config-1.1.new/src/supported-modules.h 2023-10-18 17:15:13.822236361 +0200
@@ -35,6 +35,7 @@ extern pam_module_t mod_pam_umask;
extern pam_module_t mod_pam_unix2;
extern pam_module_t mod_pam_unix;
extern pam_module_t mod_pam_winbind;
+extern pam_module_t mod_pam_systemd_home;
/* modules for single services only. */
@@ -79,6 +80,7 @@ pam_module_t *common_module_list[] = {
&mod_pam_sss,
&mod_pam_succeed_if,
&mod_pam_systemd,
+ &mod_pam_systemd_home,
&mod_pam_thinkfinger,
&mod_pam_umask,
&mod_pam_unix,
@@ -89,6 +91,7 @@ pam_module_t *common_module_list[] = {
static pam_module_t *module_list_account[] = {
&mod_pam_access,
+ &mod_pam_systemd_home,
&mod_pam_unix2,
&mod_pam_unix,
&mod_pam_krb5,
@@ -111,6 +114,7 @@ static pam_module_t *module_list_auth[]
&mod_pam_thinkfinger,
&mod_pam_gnome_keyring,
&mod_pam_kwallet5, /* optional modules MUST be executed before sufficient modules which also need a password. */
+ &mod_pam_systemd_home,
&mod_pam_ssh,
&mod_pam_unix2,
&mod_pam_unix,
@@ -134,6 +138,7 @@ static pam_module_t *module_list_passwor
&mod_pam_gnome_keyring,
&mod_pam_kwallet5,
&mod_pam_ecryptfs,
+ &mod_pam_systemd_home,
&mod_pam_unix2,
&mod_pam_unix,
&mod_pam_make,
@@ -149,6 +154,7 @@ static pam_module_t *module_list_passwor
static pam_module_t *module_list_session[] = {
&mod_pam_selinux,
&mod_pam_mkhomedir,
+ &mod_pam_systemd_home,
&mod_pam_systemd,
&mod_pam_limits,
&mod_pam_unix2,
