[arch-commits] Commit in gdm/trunk (5 files)

Jan Steffens via arch-commits Sat, 08 Aug 2020 17:51:53 -0700

    Date: Sunday, August 9, 2020 @ 00:50:52
  Author: heftig
Revision: 393334


3.36.3-2: FS#67485 Replace pam_tally with pam_faillock

Added:
  gdm/trunk/0004-pam-arch-Replace-pam_tally-with-pam_faillock.patch
Modified:
  gdm/trunk/0001-Xsession-Don-t-start-ssh-agent-by-default.patch
  gdm/trunk/0002-pam-arch-Don-t-check-greeter-account-for-expiry.patch
  gdm/trunk/0003-pam-arch-Restrict-greeter-service-to-the-gdm-user.patch
  gdm/trunk/PKGBUILD

--------------------------------------------------------------+
 0001-Xsession-Don-t-start-ssh-agent-by-default.patch         |    7 --
 0002-pam-arch-Don-t-check-greeter-account-for-expiry.patch   |    7 --
 0003-pam-arch-Restrict-greeter-service-to-the-gdm-user.patch |    7 --
 0004-pam-arch-Replace-pam_tally-with-pam_faillock.patch      |   33 ++++++++++
 PKGBUILD                                                     |   15 +++-
 5 files changed, 49 insertions(+), 20 deletions(-)

Modified: 0001-Xsession-Don-t-start-ssh-agent-by-default.patch
===================================================================
--- 0001-Xsession-Don-t-start-ssh-agent-by-default.patch        2020-08-08 
22:24:55 UTC (rev 393333)
+++ 0001-Xsession-Don-t-start-ssh-agent-by-default.patch        2020-08-09 
00:50:52 UTC (rev 393334)
@@ -1,7 +1,7 @@
-From 58cdf43d7b053a7370e6779d06835c239598f59a Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: "Jan Alexander Steffens (heftig)" <[email protected]>
 Date: Sat, 20 Jun 2015 17:22:38 +0200
-Subject: [PATCH 1/3] Xsession: Don't start ssh-agent by default
+Subject: [PATCH] Xsession: Don't start ssh-agent by default
 
 ---
  data/Xsession.in | 8 --------
@@ -26,6 +26,3 @@
  echo "$0: Setup done, will execute: $command"
  
  eval exec $command
--- 
-2.23.0
-

Modified: 0002-pam-arch-Don-t-check-greeter-account-for-expiry.patch
===================================================================
--- 0002-pam-arch-Don-t-check-greeter-account-for-expiry.patch  2020-08-08 
22:24:55 UTC (rev 393333)
+++ 0002-pam-arch-Don-t-check-greeter-account-for-expiry.patch  2020-08-09 
00:50:52 UTC (rev 393334)
@@ -1,7 +1,7 @@
-From a9c2cb0ae478caf40cc24001fbf6cfbbcc19196e Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: "Jan Alexander Steffens (heftig)" <[email protected]>
 Date: Tue, 10 Sep 2019 20:37:08 +0000
-Subject: [PATCH 2/3] pam-arch: Don't check greeter account for expiry
+Subject: [PATCH] pam-arch: Don't check greeter account for expiry
 
 systemd-sysusers now creates expired accounts, which broke the greeter
 on new installations.
@@ -25,6 +25,3 @@
  
  password required  pam_deny.so
  
--- 
-2.23.0
-

Modified: 0003-pam-arch-Restrict-greeter-service-to-the-gdm-user.patch
===================================================================
--- 0003-pam-arch-Restrict-greeter-service-to-the-gdm-user.patch        
2020-08-08 22:24:55 UTC (rev 393333)
+++ 0003-pam-arch-Restrict-greeter-service-to-the-gdm-user.patch        
2020-08-09 00:50:52 UTC (rev 393334)
@@ -1,7 +1,7 @@
-From 3b6ca2e211b9874e61e9a6950c52b52f2a79dca3 Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: "Jan Alexander Steffens (heftig)" <[email protected]>
 Date: Tue, 10 Sep 2019 20:41:10 +0000
-Subject: [PATCH 3/3] pam-arch: Restrict greeter service to the gdm user
+Subject: [PATCH] pam-arch: Restrict greeter service to the gdm user
 
 Copied from pam-exherbo.
 ---
@@ -26,6 +26,3 @@
 +session  required  pam_succeed_if.so audit quiet_success user = gdm
  session  required  pam_systemd.so
  session  optional  pam_permit.so
--- 
-2.23.0
-

Added: 0004-pam-arch-Replace-pam_tally-with-pam_faillock.patch
===================================================================
--- 0004-pam-arch-Replace-pam_tally-with-pam_faillock.patch                     
        (rev 0)
+++ 0004-pam-arch-Replace-pam_tally-with-pam_faillock.patch     2020-08-09 
00:50:52 UTC (rev 393334)
@@ -0,0 +1,33 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: "Jan Alexander Steffens (heftig)" <[email protected]>
+Date: Sun, 9 Aug 2020 00:34:37 +0000
+Subject: [PATCH] pam-arch: Replace pam_tally with pam_faillock
+
+pam 1.4.0 removed the former and replaces it with the latter.
+
+https://bugs.archlinux.org/task/67485
+---
+ data/pam-arch/gdm-fingerprint.pam | 2 +-
+ data/pam-arch/gdm-smartcard.pam   | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/data/pam-arch/gdm-fingerprint.pam 
b/data/pam-arch/gdm-fingerprint.pam
+index a4808617..57d57925 100644
+--- a/data/pam-arch/gdm-fingerprint.pam
++++ b/data/pam-arch/gdm-fingerprint.pam
+@@ -1,4 +1,4 @@
+-auth     required  pam_tally.so onerr=succeed file=/var/log/faillog
++auth     required  pam_faillock.so onerr=succeed file=/var/log/tallylog
+ auth     required  pam_shells.so
+ auth     requisite pam_nologin.so
+ auth     required  pam_env.so
+diff --git a/data/pam-arch/gdm-smartcard.pam b/data/pam-arch/gdm-smartcard.pam
+index ec6f75d5..0852476a 100644
+--- a/data/pam-arch/gdm-smartcard.pam
++++ b/data/pam-arch/gdm-smartcard.pam
+@@ -1,4 +1,4 @@
+-auth     required  pam_tally.so onerr=succeed file=/var/log/faillog
++auth     required  pam_faillock.so onerr=succeed file=/var/log/tallylog
+ auth     required  pam_shells.so
+ auth     requisite pam_nologin.so
+ auth     required  pam_env.so

Modified: PKGBUILD
===================================================================
--- PKGBUILD    2020-08-08 22:24:55 UTC (rev 393333)
+++ PKGBUILD    2020-08-09 00:50:52 UTC (rev 393334)
@@ -4,7 +4,7 @@
 pkgbase=gdm
 pkgname=(gdm libgdm)
 pkgver=3.36.3
-pkgrel=1
+pkgrel=2
 pkgdesc="Display manager and login screen"
 url="https://wiki.gnome.org/Projects/GDM";
 arch=(x86_64)
@@ -16,11 +16,13 @@
 source=("git+https://gitlab.gnome.org/GNOME/gdm.git#commit=$_commit";
         0001-Xsession-Don-t-start-ssh-agent-by-default.patch
         0002-pam-arch-Don-t-check-greeter-account-for-expiry.patch
-        0003-pam-arch-Restrict-greeter-service-to-the-gdm-user.patch)
+        0003-pam-arch-Restrict-greeter-service-to-the-gdm-user.patch
+        0004-pam-arch-Replace-pam_tally-with-pam_faillock.patch)
 sha256sums=('SKIP'
-            '098ffb1cdc0232f014e5fe5fb8d268b752afc54d6ee661664036879acd075b22'
-            '2e2b12d4609004a010245de51a8c017b164e84f249cd19706d020cb599d2d7e7'
-            '3fa02eb7bbbe1586eae4ae98221a284251ca2869dc731c80b753e7effc443379')
+            'b9ead66d2b6207335f0bd982a835647536998e7c7c6b5248838e5d53132ca21a'
+            'd89a3a852c9656a61a3d418817c883f7a607a0e65aa0eaf9904738c0299f006d'
+            'c18dc79bdd3207c66b6f66a41a51dd069442d2e9053055147c2f90e39f0c4a7d'
+            '091fe36855c39c7e900ba971795c48d155269be470a6ff3e5494b438de7aa3d9')
 
 pkgver() {
   cd gdm
@@ -36,6 +38,9 @@
   patch -Np1 -i ../0002-pam-arch-Don-t-check-greeter-account-for-expiry.patch
   patch -Np1 -i ../0003-pam-arch-Restrict-greeter-service-to-the-gdm-user.patch
 
+  # https://bugs.archlinux.org/task/67485
+  patch -Np1 -i ../0004-pam-arch-Replace-pam_tally-with-pam_faillock.patch
+
   NOCONFIGURE=1 ./autogen.sh
 }

[arch-commits] Commit in gdm/trunk (5 files)

Reply via email to