File pam_pkcs11-0.5.3-nss-conf.patch of Package pam_pkcs11

Index: pam_pkcs11-pam_pkcs11-0.6.12/etc/pam_pkcs11.conf.example.in
===================================================================
--- pam_pkcs11-pam_pkcs11-0.6.12.orig/etc/pam_pkcs11.conf.example.in
+++ pam_pkcs11-pam_pkcs11-0.6.12/etc/pam_pkcs11.conf.example.in
@@ -9,7 +9,7 @@ pam_pkcs11 {
   nullok = true;
 
   # Enable debugging support.
-  debug = true; 
+  debug = false; 
 
   # Do not prompt the user for the passwords but take them from the
   # PAM_ items instead.
@@ -48,7 +48,12 @@ pam_pkcs11 {
   screen_savers = xfce4-screensaver, mate-screensaver, gnome-screensaver, kde4-kscreensaver, kscreensaver, xscreensaver;
 
   # Filename of the PKCS #11 module. The default value is "default"
-  use_pkcs11_module = opensc;
+  use_pkcs11_module = nss;
+
+  pkcs11_module nss {
+    nss_dir = /etc/pki/nssdb;
+    crl_policy = none;
+  }
 
   pkcs11_module opensc {
     module = /usr/lib/opensc-pkcs11.so;
@@ -162,7 +167,7 @@ pam_pkcs11 {
   # If used null mapper should be the last in the list :-)
   # Also you should select at least one mapper, otherwise
   # certificate will not match :-)
-  use_mappers = digest, cn, pwent, uid, mail, subject, null;
+  use_mappers = ms;
 
   # When no absolute path or module info is provided, use this
   # value as module search path