[Libosinfo] [osinfo-db 06/11] install-script, opensuse: Fix passwordless installation

Fabiano Fidêncio fidencio at redhat.com
Tue Apr 18 21:29:26 UTC 2017 

From: Fabiano Fidêncio <fabiano at fidencio.org>

While the passwordless installation worked properly with openSUSE Leap
42.1, it doesn't with current Tumbleweed and openSUSE Leap 42.2.

So, in order to allow the user log into the system using GDM, GDM's PAM
configuration had to be tweaked a little bit to allow passordless login
for a specific group, which has been added and contains the user as its
member.

As this solution also works properly for openSUSE Leap 42.1 I've decided
to not make it conditionally only to Leap 42.2 and Tumbleweed.

The reason behind creating the group manually instead of doing this
through the <groups> attribute of autoyast XML is that it doesn't seem
to work for elder systems (like SLES 11, that will be supported soon).

It's really important to mention that the solution has been described in
the following Arch Wiki:
https://wiki.archlinux.org/index.php/GDM#Passwordless_login

Signed-off-by: Fabiano Fidêncio <fabiano at fidencio.org>
---
 .../opensuse.org/opensuse-autoyast-desktop.xml.in              | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/data/install-script/opensuse.org/opensuse-autoyast-desktop.xml.in b/data/install-script/opensuse.org/opensuse-autoyast-desktop.xml.in
index c089931..932004a 100644
--- a/data/install-script/opensuse.org/opensuse-autoyast-desktop.xml.in
+++ b/data/install-script/opensuse.org/opensuse-autoyast-desktop.xml.in
@@ -246,6 +246,9 @@
 if test -z '<xsl:value-of select="config/user-password"/>'; then
 pam-config -a --unix-nullok
 pam-config -a --nullok
+
+#Enable passwordless login for users that are part of the nopasswdlogin group
+sed -i '3 i auth sufficient pam_succeed_if.so user ingroup nopasswdlogin' /etc/pam.d/gdm-password
 fi
 
 <xsl:choose>
@@ -327,6 +330,13 @@ zypper ar -f <xsl:call-template name="repo-update-oss"/> repo-update-oss
               <skel>/etc/skel</skel>
               <umask>022</umask>
             </user_defaults>
+            <groups config:type="list">
+              <group>
+                <group_password>x</group_password>
+                <groupname>nopasswdlogin</groupname>
+                <userlist><xsl:value-of select="config/user-login"/></userlist>
+              </group>
+            </groups>
             <users config:type="list">
               <user>
                 <encrypted config:type="boolean">false</encrypted>
-- 
2.9.3

More information about the Libosinfo mailing list