From e311a2fb38a304eec41d6d98775ac4d8d379252b Mon Sep 17 00:00:00 2001 From: Daniel Langbein Date: Fri, 15 Apr 2022 15:58:49 +0200 Subject: [PATCH] add de-p1st-pam --- build-pkg/pkglist-de-p1st.txt | 2 +- pkg/de-p1st-pam/.install | 15 +++++++++++++++ pkg/de-p1st-pam/PKGBUILD | 22 ++++++++++++++++++++++ pkg/de-p1st-pam/system-login.holoscript | 9 +++++++++ 4 files changed, 47 insertions(+), 1 deletion(-) create mode 100644 pkg/de-p1st-pam/.install create mode 100644 pkg/de-p1st-pam/PKGBUILD create mode 100644 pkg/de-p1st-pam/system-login.holoscript diff --git a/build-pkg/pkglist-de-p1st.txt b/build-pkg/pkglist-de-p1st.txt index 98cd609..8fd446b 100644 --- a/build-pkg/pkglist-de-p1st.txt +++ b/build-pkg/pkglist-de-p1st.txt @@ -1,4 +1,4 @@ -de-p1st-moz-touch de-p1st-cronie de-p1st-pacman-repo-chromium de-p1st-pacman-repo-surface de-p1st-image-width-limit de-p1st-signal-desktop de-p1st-docker de-p1st-zoom de-p1st-rotate de-p1st-locale de-p1st-systemd de-p1st-sudo de-p1st-screen de-p1st-htop de-p1st-pacman-mirrorlist de-p1st-networkmanager de-p1st-ucode-placeholder de-p1st-ucode-intel de-p1st-ucode-amd de-p1st-nano de-p1st-mkinitcpio de-p1st-makepkg de-p1st-grub de-p1st-font de-p1st-keyboard-de de-p1st-keyboard-x11-de de-p1st-gnupg de-p1st-redshift de-p1st-theme de-p1st-sddm-autologin-placeholder de-p1st-sddm-autologin-yoda de-p1st-sddm-theme-default de-p1st-sddm-theme-nordic de-p1st-gpu-generic de-p1st-gpu-amdgpu de-p1st-installer de-p1st-repo de-p1st-ssh-key-placeholder de-p1st-ssh-key-yoda +de-p1st-pam de-p1st-moz-touch de-p1st-cronie de-p1st-pacman-repo-chromium de-p1st-pacman-repo-surface de-p1st-image-width-limit de-p1st-signal-desktop de-p1st-docker de-p1st-zoom de-p1st-rotate de-p1st-locale de-p1st-systemd de-p1st-sudo de-p1st-screen de-p1st-htop de-p1st-pacman-mirrorlist de-p1st-networkmanager de-p1st-ucode-placeholder de-p1st-ucode-intel de-p1st-ucode-amd de-p1st-nano de-p1st-mkinitcpio de-p1st-makepkg de-p1st-grub de-p1st-font de-p1st-keyboard-de de-p1st-keyboard-x11-de de-p1st-gnupg de-p1st-redshift de-p1st-theme de-p1st-sddm-autologin-placeholder de-p1st-sddm-autologin-yoda de-p1st-sddm-theme-default de-p1st-sddm-theme-nordic de-p1st-gpu-generic de-p1st-gpu-amdgpu de-p1st-installer de-p1st-repo de-p1st-ssh-key-placeholder de-p1st-ssh-key-yoda de-p1st-pacman de-p1st-smartcard de-p1st-kernel-default de-p1st-kernel-lts de-p1st-dns de-p1st-ssh de-p1st-base de-p1st-base-gui diff --git a/pkg/de-p1st-pam/.install b/pkg/de-p1st-pam/.install new file mode 100644 index 0000000..b754ef5 --- /dev/null +++ b/pkg/de-p1st-pam/.install @@ -0,0 +1,15 @@ +## arg 1: the new package version +post_install() { + holo apply +} + +## arg 1: the new package version +## arg 2: the old package version +post_upgrade() { + holo apply +} + +## arg 1: the old package version +post_remove() { + holo apply +} diff --git a/pkg/de-p1st-pam/PKGBUILD b/pkg/de-p1st-pam/PKGBUILD new file mode 100644 index 0000000..2a2d150 --- /dev/null +++ b/pkg/de-p1st-pam/PKGBUILD @@ -0,0 +1,22 @@ +# Maintainer: Daniel Langbein +_pkgname=pam +_reponame=arch +pkgname="de-p1st-$_pkgname" +pkgver=0.0.1 +pkgrel=1 +pkgdesc="PAM configuration" +arch=('any') +url="https://codeberg.org/privacy1st/${_reponame}" +license=('MIT') +depends=() +depends+=('holo' 'git' 'base') # holo depends on base (otherwise "holo apply" may fail on initial system installation) and git (git-diff) +makedepends=('git') +install='.install' +source=("git+${url}.git") +sha256sums=('SKIP') + +package() { + cd "${_reponame}/pkg/${pkgname}" + + install -Dm0544 system-login.holoscript "$pkgdir"/usr/share/holo/files/20-"$pkgname"/etc/pam.d/system-login.holoscript +} diff --git a/pkg/de-p1st-pam/system-login.holoscript b/pkg/de-p1st-pam/system-login.holoscript new file mode 100644 index 0000000..8bef8a8 --- /dev/null +++ b/pkg/de-p1st-pam/system-login.holoscript @@ -0,0 +1,9 @@ +#!/bin/sh +# stdin: default config +# stdout: modified config +set -e +cat + +# Enforce a delay after a failed login attempt +# - https://wiki.archlinux.org/title/Security#Enforce_a_delay_after_a_failed_login_attempt +echo 'auth optional pam_faildelay.so delay=4000000'