From 0b15761d69408d254d0cad2388fda425f030d990 Mon Sep 17 00:00:00 2001
From: Olivier MEDOC <o_medoc@yahoo.fr>
Date: Mon, 23 Oct 2017 08:09:34 +0200
Subject: [PATCH] archlinux: ship pam.d/qrexec as a replacement of using su

---
 qrexec/Makefile             | 2 ++
 qrexec/qrexec.pam.archlinux | 9 +++++++++
 2 files changed, 11 insertions(+)
 create mode 100644 qrexec/qrexec.pam.archlinux

diff --git a/qrexec/Makefile b/qrexec/Makefile
index 0732c46..443ef0c 100644
--- a/qrexec/Makefile
+++ b/qrexec/Makefile
@@ -21,6 +21,8 @@ install:
 	install qubes-rpc-multiplexer $(DESTDIR)/usr/lib/qubes
 ifeq ($(shell lsb_release -is), Debian)
 	install -D -m 0644 qrexec.pam.debian $(DESTDIR)/etc/pam.d/qrexec
+else ifeq ($(shell lsb_release -is), Arch)
+	install -D -m 0644 qrexec.pam.archlinux $(DESTDIR)/etc/pam.d/qrexec
 else
 	install -D -m 0644 qrexec.pam $(DESTDIR)/etc/pam.d/qrexec
 endif
diff --git a/qrexec/qrexec.pam.archlinux b/qrexec/qrexec.pam.archlinux
new file mode 100644
index 0000000..3289b7c
--- /dev/null
+++ b/qrexec/qrexec.pam.archlinux
@@ -0,0 +1,9 @@
+#%PAM-1.0
+auth		sufficient	pam_rootok.so
+# Uncomment the following line to implicitly trust users in the "wheel" group.
+#auth		sufficient	pam_wheel.so trust use_uid
+# Uncomment the following line to require a user to be in the "wheel" group.
+#auth		required	pam_wheel.so use_uid
+auth		include		system-login
+account		include         system-login
+session		include		system-login