password required pam_deny.so
EOF
-# extra fix to avoid root and display sessions (PTREL-763)
-patch -b -p1 -d/ <<'EOF'
---- bad/etc/pam.d/system-auth 2014-04-07 06:16:51.888018876 -0700
-+++ good/etc/pam.d/system-auth 2014-04-07 06:16:46.335018503 -0700
-@@ -11,7 +11,6 @@
- password required pam_deny.so
-
- session optional pam_keyinit.so revoke
--session optional pam_systemd.so
- session required pam_limits.so
- session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
- session required pam_unix.so
-EOF
-
# create appfw dirs inside homes
function generic_base_user_exists() {
user=$1