[arch-commits] Commit in gdm/trunk (2 files)
Jan Steffens
heftig at gemini.archlinux.org
Thu Dec 23 11:52:51 UTC 2021
Date: Thursday, December 23, 2021 @ 11:52:50
Author: heftig
Revision: 432986
41.0+r25+geb6d39a2-1
Modified:
gdm/trunk/PKGBUILD
Deleted:
gdm/trunk/0002-pam-arch-Drop-pam_faillock-counting-from-fingerprint.patch
-----------------------------------------------------------------+
0002-pam-arch-Drop-pam_faillock-counting-from-fingerprint.patch | 73 ----------
PKGBUILD | 12 -
2 files changed, 2 insertions(+), 83 deletions(-)
Deleted: 0002-pam-arch-Drop-pam_faillock-counting-from-fingerprint.patch
===================================================================
--- 0002-pam-arch-Drop-pam_faillock-counting-from-fingerprint.patch 2021-12-23 10:01:05 UTC (rev 432985)
+++ 0002-pam-arch-Drop-pam_faillock-counting-from-fingerprint.patch 2021-12-23 11:52:50 UTC (rev 432986)
@@ -1,73 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: "Jan Alexander Steffens (heftig)" <heftig at archlinux.org>
-Date: Tue, 31 Aug 2021 21:51:46 +0000
-Subject: [PATCH] pam-arch: Drop pam_faillock counting from fingerprint and
- smartcard
-
-As mentioned in an [fprintd issue comment][1], we need to make sure that
-the stack's error status is taken from the main auth module, i.e.
-pam_fprintd, otherwise GDM will not behave correctly.
-
-Still use pam_faillock preauth so that we test whether the account is
-locked, but don't use authfail/authsucc to log a failure/success so this
-stack doesn't participate in triggering the lock.
-
-Ideally we would check which return values we actually want to treat as
-a reason to lock the account (e.g. fingerprint mismatch) and which are
-neutral (e.g. no fingerprints enrolled), but that's much more effort.
-
-Should fix [FS#71750][2].
-
-[1]: https://gitlab.freedesktop.org/libfprint/fprintd/-/issues/112#note_1016191
-[2]: https://bugs.archlinux.org/task/71750
----
- data/pam-arch/gdm-fingerprint.pam | 10 ++--------
- data/pam-arch/gdm-smartcard.pam | 10 ++--------
- 2 files changed, 4 insertions(+), 16 deletions(-)
-
-diff --git a/data/pam-arch/gdm-fingerprint.pam b/data/pam-arch/gdm-fingerprint.pam
-index cc660d9a90ba..2aaf9f6c88a0 100644
---- a/data/pam-arch/gdm-fingerprint.pam
-+++ b/data/pam-arch/gdm-fingerprint.pam
-@@ -2,16 +2,10 @@
-
- auth required pam_shells.so
- auth requisite pam_nologin.so
--auth required pam_faillock.so preauth
--# Optionally use requisite above if you do not want to prompt for the fingerprint
--# on locked accounts.
--auth [success=1 default=ignore] pam_fprintd.so
--auth [default=die] pam_faillock.so authfail
-+auth requisite pam_faillock.so preauth
-+auth required pam_fprintd.so
- auth optional pam_permit.so
- auth required pam_env.so
--auth required pam_faillock.so authsucc
--# If you drop the above call to pam_faillock.so the lock will be done also
--# on non-consecutive authentication failures.
- auth [success=ok default=1] pam_gdm.so
- auth optional pam_gnome_keyring.so
-
-diff --git a/data/pam-arch/gdm-smartcard.pam b/data/pam-arch/gdm-smartcard.pam
-index e6ec129948a7..6d7333bf4204 100644
---- a/data/pam-arch/gdm-smartcard.pam
-+++ b/data/pam-arch/gdm-smartcard.pam
-@@ -2,16 +2,10 @@
-
- auth required pam_shells.so
- auth requisite pam_nologin.so
--auth required pam_faillock.so preauth
--# Optionally use requisite above if you do not want to prompt for the smartcard
--# on locked accounts.
--auth [success=1 default=ignore] pam_pkcs11.so wait_for_card card_only
--auth [default=die] pam_faillock.so authfail
-+auth requisite pam_faillock.so preauth
-+auth required pam_pkcs11.so wait_for_card card_only
- auth optional pam_permit.so
- auth required pam_env.so
--auth required pam_faillock.so authsucc
--# If you drop the above call to pam_faillock.so the lock will be done also
--# on non-consecutive authentication failures.
- auth [success=ok default=1] pam_gdm.so
- auth optional pam_gnome_keyring.so
-
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2021-12-23 10:01:05 UTC (rev 432985)
+++ PKGBUILD 2021-12-23 11:52:50 UTC (rev 432986)
@@ -3,7 +3,7 @@
pkgbase=gdm
pkgname=(gdm libgdm)
-pkgver=41.0+r15+g23ebe617
+pkgver=41.0+r25+geb6d39a2
pkgrel=1
pkgdesc="Display manager and login screen"
url="https://wiki.gnome.org/Projects/GDM"
@@ -13,14 +13,12 @@
libxdmcp systemd)
makedepends=(yelp-tools gobject-introspection git docbook-xsl meson)
checkdepends=(check)
-_commit=23ebe617119506a0614f1bd2c76cd9bcf7e8fb7c # main
+_commit=eb6d39a2473f4d58431cd599d9e8480c44aaebbc # main
source=("git+https://gitlab.gnome.org/GNOME/gdm.git#commit=$_commit"
0001-Xsession-Don-t-start-ssh-agent-by-default.patch
- 0002-pam-arch-Drop-pam_faillock-counting-from-fingerprint.patch
default.pa)
sha256sums=('SKIP'
'39a7e1189d423dd428ace9baac77ba0442c6706a861d3c3db9eb3a6643e223f8'
- 'e3dcaaa5ffa2dd4d3338c8b5827965ea2ca1efd9a95d7272a107e6121cb7898f'
'e88410bcec9e2c7a22a319be0b771d1f8d536863a7fc618b6352a09d61327dcb')
pkgver() {
@@ -31,14 +29,8 @@
prepare() {
cd gdm
- # https://bugs.archlinux.org/task/67485
- git cherry-pick -n 8528a503ad70669a5f0c03d0a92ba19326983b82
-
# Don't start ssh-agent by default
git apply -3 ../0001-Xsession-Don-t-start-ssh-agent-by-default.patch
-
- # https://bugs.archlinux.org/task/71750
- git apply -3 ../0002-pam-arch-Drop-pam_faillock-counting-from-fingerprint.patch
}
build() {
More information about the arch-commits
mailing list