pam.d_su.qubes 790 B

123456789101112131415161718192021
  1. #%PAM-1.0
  2. auth sufficient pam_rootok.so
  3. # Uncomment the following line to implicitly trust users in the "wheel" group.
  4. #auth sufficient pam_wheel.so trust use_uid
  5. # Uncomment the following line to require a user to be in the "wheel" group.
  6. #auth required pam_wheel.so use_uid
  7. # {{ Qubes specific modifications begin here
  8. # Prevent su from asking for password
  9. # (by package qubes-core-agent-passwordless-root).
  10. auth sufficient pam_succeed_if.so use_uid user ingroup qubes
  11. # }} Qubes specific modifications end here
  12. auth substack system-auth
  13. auth include postlogin
  14. account sufficient pam_succeed_if.so uid = 0 use_uid quiet
  15. account include system-auth
  16. password include system-auth
  17. session include system-auth
  18. session include postlogin
  19. session optional pam_xauth.so