diff options
| author | Christian Rößler | 2013-11-21 17:38:48 +0100 |
|---|---|---|
| committer | Christian Rößler | 2013-11-21 17:38:48 +0100 |
| commit | d8e77f3affcc11af0dec6c7bb96a7b53576da519 (patch) | |
| tree | 3e7f30d4a6e42a9fff2969c629f48cba56b6c483 /server | |
| parent | [systemd] systemd.build: Corrected pkg_config-Path to own kmod (diff) | |
| parent | [stage4-blacklist] Remove links to shell, poweroff/reboot/shutdown, whitelist... (diff) | |
| download | tm-scripts-d8e77f3affcc11af0dec6c7bb96a7b53576da519.tar.gz tm-scripts-d8e77f3affcc11af0dec6c7bb96a7b53576da519.tar.xz tm-scripts-d8e77f3affcc11af0dec6c7bb96a7b53576da519.zip | |
Merge branch 'master' of git.openslx.org:openslx-ng/tm-scripts
Diffstat (limited to 'server')
| -rw-r--r-- | server/blacklists/desktop-sessions/filter | 1 | ||||
| -rw-r--r-- | server/blacklists/essential/linux-base | 6 | ||||
| -rw-r--r-- | server/modules/pam-freiburg/etc/pam.d/common-session | 16 |
3 files changed, 15 insertions, 8 deletions
diff --git a/server/blacklists/desktop-sessions/filter b/server/blacklists/desktop-sessions/filter index 66d3589a..aafd1156 100644 --- a/server/blacklists/desktop-sessions/filter +++ b/server/blacklists/desktop-sessions/filter @@ -2,3 +2,4 @@ + /usr/share/xsessions/gnome.desktop + /usr/share/xsessions/kde-plasma.desktop + /usr/share/xsessions/ubuntu.desktop ++ /usr/share/xsessions/xfce.desktop diff --git a/server/blacklists/essential/linux-base b/server/blacklists/essential/linux-base index 4f58b6c9..f83ef1ac 100644 --- a/server/blacklists/essential/linux-base +++ b/server/blacklists/essential/linux-base @@ -32,5 +32,11 @@ - /initrd.img.old - /vmlinuz - /vmlinuz.old +# Interfering binaries/links +- /sbin/shutdown +- /sbin/reboot +- /sbin/poweroff +- /sbin/halt +- /bin/sh # This is where the bind-mount of mltk resides... - /export/build diff --git a/server/modules/pam-freiburg/etc/pam.d/common-session b/server/modules/pam-freiburg/etc/pam.d/common-session index 9a8b73e1..26ff89a3 100644 --- a/server/modules/pam-freiburg/etc/pam.d/common-session +++ b/server/modules/pam-freiburg/etc/pam.d/common-session @@ -13,26 +13,26 @@ # pam-auth-update(8) for details. # here are the per-package modules (the "Primary" block) -session [default=1] pam_permit.so +session [default=1] pam_permit.so # here's the fallback if no module succeeds -session requisite pam_deny.so +session requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around -session required pam_permit.so +session required pam_permit.so # The pam_umask module will set the umask according to the system default in # /etc/login.defs and user settings, solving the problem of different # umask settings with different shells, display managers, remote sessions etc. # See "man pam_umask". session optional pam_umask.so # and here are more per-package modules (the "Additional" block) -session required pam_systemd.so -session optional pam_ck_connector.so +session required pam_systemd.so +session optional pam_ck_connector.so nox11 session optional pam_env.so readenv=1 session optional pam_env.so readenv=1 envfile=/etc/default/locale -session optional pam_krb5.so minimum_uid=1000 -session [success=1] pam_unix.so +session optional pam_krb5.so minimum_uid=1000 +session [success=1] pam_unix.so session [success=ok] pam_ldap.so -session sufficient pam_script.so +session sufficient pam_script.so session optional pam_mkhomedir.so skel=/etc/skel umask=0022 # end of pam-auth-update config |