From 9e1e0688552230c54a2bcba85a3821fb06c13299 Mon Sep 17 00:00:00 2001 From: William Douglas Date: Mon, 2 Jul 2012 16:47:55 -0700 Subject: [PATCH] enable use of pam with sshd Change-Id: I8641465164b0ecd9cc1d9b0edbf5fd2b29ef51ca Signed-off-by: William Douglas --- packaging/openssh.spec | 9 ++++++++- packaging/sshd.pam | 8 ++++++++ 2 files changed, 16 insertions(+), 1 deletion(-) create mode 100644 packaging/sshd.pam diff --git a/packaging/openssh.spec b/packaging/openssh.spec index f079787..a5007a6 100644 --- a/packaging/openssh.spec +++ b/packaging/openssh.spec @@ -12,6 +12,7 @@ Source5: sshd@.service Source6: sshd.socket Source7: sshd-keygen.service Source8: sshd-keygen +Source9: sshd.pam Source1001: openssh.manifest Patch0: 0001-customize-configuration.patch @@ -34,6 +35,8 @@ BuildRequires: xauth BuildRequires: zlib-devel BuildRequires: pkgconfig(ncurses) BuildRequires: pkgconfig(openssl) +BuildRequires: pam-devel + %package clients Summary: The OpenSSH client applications @@ -103,6 +106,7 @@ LDFLAGS="$LDFLAGS -pie"; export LDFLAGS --disable-strip \ --without-zlib-version-check \ --with-nss \ + --with-pam \ --without-kerberos5 make @@ -133,6 +137,9 @@ rm -f %{buildroot}%{_sysconfdir}/profile.d/gnome-ssh-askpass.* mkdir -p %{buildroot}/var/empty/sshd +install -d %{buildroot}%{_sysconfdir}/pam.d/ +install -m644 %{SOURCE9} %{buildroot}%{_sysconfdir}/pam.d/sshd + %remove_docs rm -rf %{buildroot}%{_datadir}/man @@ -196,4 +203,4 @@ fi %{_libdir}/systemd/system/multi-user.target.wants/sshd.socket %{_libdir}/systemd/system/multi-user.target.wants/sshd-keygen.service %{_sbindir}/sshd-keygen - +%{_sysconfdir}/pam.d/sshd diff --git a/packaging/sshd.pam b/packaging/sshd.pam new file mode 100644 index 0000000..483b714 --- /dev/null +++ b/packaging/sshd.pam @@ -0,0 +1,8 @@ +#%PAM-1.0 +auth include system-auth +account required pam_nologin.so +account include system-auth +password include system-auth +session include system-auth +session required pam_loginuid.so +session optional pam_keyinit.so force revoke -- 2.7.4