From abcb39dee165beb4776438a6bc174e0208923ad5 Mon Sep 17 00:00:00 2001 From: Isaac Yu Date: Thu, 18 Sep 2025 23:20:01 -0700 Subject: [PATCH] system/lightdm: Add pam rules for fscrypt. Signed-off-by: Andrew Clemons Signed-off-by: Willy Sudiarto Raharjo --- system/lightdm/README | 5 +++++ system/lightdm/lightdm.SlackBuild | 6 ++++++ 2 files changed, 11 insertions(+) diff --git a/system/lightdm/README b/system/lightdm/README index 0402df175a..ac449056cb 100644 --- a/system/lightdm/README +++ b/system/lightdm/README @@ -14,3 +14,8 @@ Then, edit /etc/rc.d/rc.4 and add the following section: if [ -x /usr/bin/lightdm ]; then exec /usr/bin/lightdm fi + + +To enable automatic unlocking of password-protected directories upon +login, pass FSCRYPT=yes to the SlackBuild. +This is useful (ex. when encrypting the /home directory with fscrypt). diff --git a/system/lightdm/lightdm.SlackBuild b/system/lightdm/lightdm.SlackBuild index b687ea7313..960a79c8e6 100644 --- a/system/lightdm/lightdm.SlackBuild +++ b/system/lightdm/lightdm.SlackBuild @@ -142,6 +142,12 @@ rm -rf $PKG/etc/apparmor.d # PAM cp $CWD/pam.d/* $PKG/etc/pam.d/ +# If FSCRYPT=yes is passed, add these PAM rules (to automatically unlock password-protected directories upon login) +if [ ${FSCRYPT:no} = yes ]; then + sed -i '/-auth optional pam_kwallet5.so/a-auth optional pam_fscrypt.so' $PKG/etc/pam.d/lightdm + sed -i '/-session optional pam_ck_connector.so nox11/a-session optional pam_fscrypt.so' $PKG/etc/pam.d/lightdm +fi + # PolicyKit mkdir -p -m700 $PKG/usr/share/polkit-1/rules.d chown polkitd $PKG/usr/share/polkit-1/rules.d