da2fa46551
Instead of the old workaround that replaces the whole PAM config, use Debian's framework (pam-configs) to add a rule for su. Enable it for users in qubes group only. PAM Config framework documentation: https://wiki.ubuntu.com/PAMConfigFrameworkSpec Issue: QubesOS/qubes-issues#5799 Original PR this change is based on: QubesOS/qubes-core-agent-linux#171
32 lines
905 B
Bash
32 lines
905 B
Bash
#!/bin/bash
|
|
# postinst script for qubes-core-agent-passwordless-root
|
|
#
|
|
# see: dh_installdeb(1)
|
|
|
|
set -e
|
|
|
|
# The postinst script may be called in the following ways:
|
|
# * <postinst> 'configure' <most-recently-configured-version>
|
|
# * <old-postinst> 'abort-upgrade' <new version>
|
|
# * <conflictor's-postinst> 'abort-remove' 'in-favour' <package>
|
|
# <new-version>
|
|
# * <postinst> 'abort-remove'
|
|
# * <deconfigured's-postinst> 'abort-deconfigure' 'in-favour'
|
|
# <failed-install-package> <version> 'removing'
|
|
# <conflicting-package> <version>
|
|
#
|
|
# For details, see http://www.debian.org/doc/debian-policy/ or
|
|
# https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html or
|
|
# the debian-policy package
|
|
|
|
pam-auth-update --package
|
|
|
|
# dh_installdeb will replace this with shell code automatically
|
|
# generated by other debhelper scripts.
|
|
|
|
#DEBHELPER#
|
|
|
|
exit 0
|
|
|
|
# vim: set ts=4 sw=4 sts=4 et :
|