From ad8e237140589e1dd7d38780771ef27609b4d69d Mon Sep 17 00:00:00 2001
From: Stephane Desneux <stephane.desneux@open.eurogiciel.org>
Date: Mon, 7 Apr 2014 15:19:59 +0200
Subject: [PATCH] generic-base: do not start systemd user sessions for pam
 login service

Change-Id: Ie87f2f209d55030b6057c1baf08fcdc39279fa31
Signed-off-by: Stephane Desneux <stephane.desneux@open.eurogiciel.org>
---
 scripts/generic-base.post | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/scripts/generic-base.post b/scripts/generic-base.post
index 9c3d9eb..df85e42 100644
--- a/scripts/generic-base.post
+++ b/scripts/generic-base.post
@@ -60,7 +60,6 @@ fi
 
 # workaround for bug PTREL-763
 patch -p1 -d/ <<'EOF'
-diff -urN bad/etc/pam.d/systemd-user good/etc/pam.d/systemd-user
 --- bad/etc/pam.d/systemd-user 2014-03-20 10:01:36.657843073 +0100
 +++ good/etc/pam.d/systemd-user 2014-03-20 10:06:51.586121696 +0100
 @@ -4,5 +4,6 @@
@@ -72,6 +71,20 @@ diff -urN bad/etc/pam.d/systemd-user good/etc/pam.d/systemd-user
  password required pam_deny.so
 EOF
 
+# extra fix to avoid root and display sessions
+patch -p1 -d/ <<'EOF'
+--- bad/etc/pam.d/system-auth	2014-04-07 06:16:51.888018876 -0700
++++ good/etc/pam.d/system-auth	2014-04-07 06:16:46.335018503 -0700
+@@ -11,7 +11,6 @@
+ password    required      pam_deny.so
+ 
+ session     optional      pam_keyinit.so revoke
+-session     optional      pam_systemd.so
+ session     required      pam_limits.so
+ session     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
+ session     required      pam_unix.so
+EOF
+
 ######### multiuser mode: create additional users
 tizen_crypted_pass=$(perl -e 'print crypt("tizen", "aa")')
 uid=5001
-- 
2.7.4