* debian/lightdm.pam:
- enable pam_loginuid. closes: #677435
+ * debian/lightdm.lightdm-autologin.pam added, support auto-login when
+ configured in /etc/lightdm/lightdm.conf. closes: #636104
+ * debian/rules:
+ - install both pam files.
-- Yves-Alexis Perez <corsac@debian.org> Mon, 18 Jun 2012 17:43:57 +0200
--- /dev/null
+#%PAM-1.0
+auth requisite pam_nologin.so
+auth required pam_env.so readenv=1
+auth required pam_env.so readenv=1 envfile=/etc/default/locale
+#auth sufficient pam_thinkfinger.so
+auth required pam_permit.so
+auth optional pam_gnome_keyring.so
+@include common-account
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+session required pam_limits.so
+session required pam_loginuid.so
+@include common-session
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session optional pam_gnome_keyring.so auto_start
+@include common-password
# that a module could execute code in the wrong domain.
# When the module is present, "required" would be sufficient (When SELinux
# is disabled, this returns success.)
-session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
session required pam_limits.so
session required pam_loginuid.so
@include common-session
# SELinux needs to intervene at login time to ensure that the process
# starts in the proper default security context. Only sessions which are
# intended to run in the user's context should be run after this.
-session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
# When the module is present, "required" would be sufficient (When SELinux
# is disabled, this returns success.)
session optional pam_gnome_keyring.so auto_start
rm debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/lightdm/gdmflexiserver
dh_install --fail-missing
+override_dh_installpam:
+ dh_installpam
+ dh_installpam --name=lightdm-autologin
+
%:
dh $@ --parallel