[gentoo-commits] proj/pambase:master commit in: templates/, /

Sun, 13 Apr 2025 14:15:57 -0700 

commit:     358014938cf2ddf814e3399dba1c7bbe714148f9
Author:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
AuthorDate: Fri Apr  4 18:42:01 2025 +0000
Commit:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Sat Apr  5 20:46:57 2025 +0000
URL:        https://gitweb.gentoo.org/proj/pambase.git/commit/?id=35801493

Inline 'unix_authtok' variable

Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>

 pambase.py                | 4 ----
 templates/passwd.tpl      | 2 +-
 templates/system-auth.tpl | 2 +-
 3 files changed, 2 insertions(+), 6 deletions(-)

diff --git a/pambase.py b/pambase.py
index 1cc9f50..77e31c5 100755
--- a/pambase.py
+++ b/pambase.py
@@ -90,7 +90,6 @@ def process_args(args):
     pathlib.Path("stack").mkdir(parents=True, exist_ok=True)
 
     blank_variables = [
-        "unix_authtok",
         "unix_extended_encryption",
     ]
 
@@ -99,9 +98,6 @@ def process_args(args):
     output = dict.fromkeys(blank_variables, "")
     output.update(vars(args))
 
-    # unconditional variables
-    output["unix_authtok"] = "use_authtok"
-
     if args.yescrypt:
         output["unix_extended_encryption"] = "yescrypt shadow"
     elif args.sha512:

diff --git a/templates/passwd.tpl b/templates/passwd.tpl
index 101a5fc..951f321 100644
--- a/templates/passwd.tpl
+++ b/templates/passwd.tpl
@@ -4,5 +4,5 @@ account         include         system-auth
 password       include         system-auth
 
 {% if gnome_keyring %}
-password       optional        pam_gnome_keyring.so {{ unix_authtok }}
+password       optional        pam_gnome_keyring.so use_authtok
 {% endif %}

diff --git a/templates/system-auth.tpl b/templates/system-auth.tpl
index 21924b3..7740ae6 100644
--- a/templates/system-auth.tpl
+++ b/templates/system-auth.tpl
@@ -71,7 +71,7 @@ password      [success=1 default=ignore]      
pam_systemd_home.so
 {% endif %}
 
 {% if passwdqc or pwquality %}
-password       {{ 'sufficient' if sssd else 'required' }}      pam_unix.so 
try_first_pass {{ unix_authtok|default('', true) }} {{ nullok }} {{ 
unix_extended_encryption|default('', true) }} {{ debug }}
+password       {{ 'sufficient' if sssd else 'required' }}      pam_unix.so 
try_first_pass use_authtok {{ nullok }} {{ unix_extended_encryption|default('', 
true) }} {{ debug }}
 {% else %}
 password       {{ 'sufficient' if sssd else 'required' }}      pam_unix.so 
try_first_pass {{ nullok }} {{ unix_extended_encryption|default('', true) }} {{ 
debug }}
 {% endif %}

Reply via email to