Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-03-13 07:46:32 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'ArrayBolt3/arraybolt3/sysmaint'

Browse Source
This commit is contained in:
Patrick Schleizer 2024-12-24 00:08:58 -05:00
commit 27d015d58e
No known key found for this signature in database
GPG Key ID: CB8D50BB77BB3C48
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
usr/libexec/security-misc/pam-info
View File

@ -76,10 +76,17 @@ if [ "$PAM_USER" = 'sysmaint' ]; then
sysmaint_passwd_info="$(passwd --status sysmaint 2>/dev/null)" || true
sysmaint_lock_info="$(cut -d' ' -f2 <<< "${sysmaint_passwd_info}")"
if [ "${sysmaint_lock_info}" = 'L' ]; then
echo "$0: ERROR: Reboot and choose 'PERSISTENT mode SYSMAINT' for system maintenance. See https://www.kicksecure.com/wiki/sysmaint"
echo "$0: ERROR: Reboot and choose 'PERSISTENT mode SYSMAINT' for system maintenance. See https://www.kicksecure.com/wiki/Sysmaint"
fi
fi
kernel_cmdline="$(cat /proc/cmdline)"
if [ "$PAM_USER" != 'sysmaint' ] \
&& [[ "${kernel_cmdline}" =~ 'boot-role=sysmaint' ]]; then
echo "$0: WARNING: Reboot and choose 'PERSISTENT mode USER' for normal work. See https://www.kicksecure.com/wiki/Sysmaint"
fi
## https://forums.whonix.org/t/how-strong-do-linux-user-account-passwords-have-to-be-when-using-full-disk-encryption-fde-too/7698
## Does not work (yet) for login, pam_securetty runs before and aborts.