Tons of desktop fixes

12 files changed, 55 insertions, 37 deletions

diff --git a/files/etc/cron.d/unbound.idm_server b/files/etc/cron.d/unbound.idm_server
new file mode 100644
index 0000000..56d8809
--- /dev/null
+++ b/files/etc/cron.d/unbound.idm_server
@@ -0,0 +1,2 @@
+MAILTO=root
+@daily ${unbound_user} /usr/local/libexec/idm-update-unbound-blocklists ${unbound_blocklist_url_file} ${unbound_whitelist_file} ${unbound_blocklist_dir}
diff --git a/files/etc/exports.common b/files/etc/exports.nfs_server
index 4ea7fd2..4ea7fd2 100644
--- a/files/etc/exports.common
+++ b/files/etc/exports.nfs_server
diff --git a/files/etc/login.conf.desktop b/files/etc/login.conf.desktop
index 558c80a..919a887 100644
--- a/files/etc/login.conf.desktop
+++ b/files/etc/login.conf.desktop
@@ -2,7 +2,7 @@ default:\\
 	:passwd_format=sha512:\\
 	:copyright=/etc/COPYRIGHT:\\
 	:welcome=/var/run/motd:\\
-	:setenv=BLOCKSIZE=K,XDG_DATA_DIRS=/usr/local/override\\c/usr/local/share,XDG_DATA_HOME=/usr/local/home/\$/.local/share,XDG_STATE_HOME=/usr/local/home/\$/.local/state,XDG_CACHE_HOME=/usr/local/home/\$/.cache,XDG_CONFIG_HOME=/usr/local/home/\$/.config,KDEHOME=/usr/local/home/\$/.kde:\\
+	:setenv=BLOCKSIZE=K,XDG_DATA_DIRS=${xdg_override_dir}\\c/usr/local/share,XDG_DATA_HOME=/usr/local/home/\$/.local/share,XDG_STATE_HOME=/usr/local/home/\$/.local/state,XDG_CACHE_HOME=/usr/local/home/\$/.cache,XDG_CONFIG_HOME=/usr/local/home/\$/.config,KDEHOME=/usr/local/home/\$/.kde:\\
 	:mail=/var/mail/\$:\\
 	:path=/sbin /bin /usr/local/sbin /usr/local/bin /usr/sbin /usr/bin ~/bin:\\
 	:nologin=/var/run/nologin:\\
diff --git a/files/etc/pam.d/cups.cups_server b/files/etc/pam.d/cups.cups_server
index b61c074..03c2763 100644
--- a/files/etc/pam.d/cups.cups_server
+++ b/files/etc/pam.d/cups.cups_server
@@ -1,8 +1,6 @@
-# auth
-auth    sufficient  /usr/local/lib/security/pam_krb5.so try_first_pass
-auth    required    pam_unix.so no_warn try_first_pass
+auth      sufficient  /usr/local/lib/security/pam_krb5.so try_first_pass
+auth      required    pam_unix.so no_warn try_first_pass
 
-# account
-account   required  /usr/local/lib/security/pam_krb5.so
-account   required  pam_login_access.so
-account   required  pam_unix.so
+account   required    /usr/local/lib/security/pam_krb5.so
+account   required    pam_login_access.so
+account   required    pam_unix.so
diff --git a/files/etc/pam.d/kde.freebsd b/files/etc/pam.d/kde.freebsd
index 2604c78..8f87b98 100644
--- a/files/etc/pam.d/kde.freebsd
+++ b/files/etc/pam.d/kde.freebsd
@@ -1,2 +1,5 @@
-auth     required    /usr/local/lib/security/pam_krb5.so try_first_pass
-account  required    /usr/local/lib/security/pam_krb5.so
+auth      required    /usr/local/lib/security/pam_krb5.so try_first_pass
+
+account   required    /usr/local/lib/security/pam_krb5.so
+account   required    pam_login_access.so
+account   required    pam_unix.so
diff --git a/files/etc/pam.d/login.freebsd b/files/etc/pam.d/login.freebsd
new file mode 100644
index 0000000..164fcb0
--- /dev/null
+++ b/files/etc/pam.d/login.freebsd
@@ -0,0 +1,16 @@
+auth      sufficient  pam_self.so   no_warn
+auth      sufficient  /usr/local/lib/security/pam_krb5.so try_first_pass
+auth      required    pam_unix.so   no_warn try_first_pass nullok
+
+account   requisite   pam_securetty.so
+account   required    pam_nologin.so
+account   required    /usr/local/lib/security/pam_krb5.so
+account   required    pam_login_access.so
+account   required    pam_unix.so
+
+session   required    pam_lastlog.so    no_fail
+session   required    pam_xdg.so
+session   required    /usr/local/lib/security/pam_krb5.so
+
+password  sufficient  /usr/local/lib/security/pam_krb5.so try_first_pass
+password  required    pam_unix.so no_warn try_first_pass
diff --git a/files/etc/pam.d/sddm.freebsd b/files/etc/pam.d/sddm.freebsd
index ef359ff..6a75823 100644
--- a/files/etc/pam.d/sddm.freebsd
+++ b/files/etc/pam.d/sddm.freebsd
@@ -2,15 +2,20 @@
 # try multiple authentication sources (like krb5 but fall back to pam_unix)
 # if we want pam_kwallet5 to execute.
 # Hence, for sddm, we try krb5 only (no local accounts).
-auth      required  /usr/local/lib/security/pam_krb5.so try_first_pass
-auth      optional  pam_exec.so /usr/local/libexec/pam-create-local-homedir
-auth      optional  pam_kwallet5.so
+auth      sufficient  pam_self.so no_warn
+auth      required    /usr/local/lib/security/pam_krb5.so try_first_pass
+auth      optional    pam_exec.so /usr/local/libexec/pam-create-local-homedir
+auth      optional    pam_kwallet5.so
 
-account   required  /usr/local/lib/security/pam_krb5.so
-account   required  pam_login_access.so
-account   required  pam_unix.so
+account   requisite   pam_securetty.so
+account   required    pam_nologin.so
+account   required    /usr/local/lib/security/pam_krb5.so
+account   required    pam_login_access.so
+account   required    pam_unix.so
 
-session   required  pam_lastlog.so no_fail
-session   optional  pam_kwallet5.so auto_start
+session   required    pam_lastlog.so no_fail
+session   required    pam_xdg.so no_fail
+session   required    /usr/local/lib/security/pam_krb5.so
+session   optional    pam_kwallet5.so auto_start
 
-password  required  /usr/local/lib/security/pam_krb5.so try_first_pass
+password  required    /usr/local/lib/security/pam_krb5.so try_first_pass
diff --git a/files/etc/pam.d/sshd.freebsd b/files/etc/pam.d/sshd.freebsd
index 57b281b..559a980 100644
--- a/files/etc/pam.d/sshd.freebsd
+++ b/files/etc/pam.d/sshd.freebsd
@@ -1,17 +1,13 @@
-# auth
-auth    sufficient  /usr/local/lib/security/pam_krb5.so try_first_pass
-auth    required    pam_unix.so no_warn try_first_pass
+auth      sufficient  /usr/local/lib/security/pam_krb5.so try_first_pass
+auth      required    pam_unix.so no_warn try_first_pass
 
-# account
-account   required  pam_nologin.so
-account   required  /usr/local/lib/security/pam_krb5.so
-account   required  pam_login_access.so
-account   required  pam_unix.so
+account   required    pam_nologin.so
+account   required    /usr/local/lib/security/pam_krb5.so
+account   required    pam_login_access.so
+account   required    pam_unix.so
 
-# session
-session   required  /usr/local/lib/security/pam_krb5.so
-session   required  pam_permit.so
+session   required    /usr/local/lib/security/pam_krb5.so
+session   required    pam_permit.so
 
-# password
 password  sufficient  /usr/local/lib/security/pam_krb5.so try_first_pass
 password  required    pam_unix.so no_warn try_first_pass
diff --git a/files/etc/pam.d/sudo.freebsd b/files/etc/pam.d/sudo.freebsd
index 425bf4e..6a6b0a4 100644
--- a/files/etc/pam.d/sudo.freebsd
+++ b/files/etc/pam.d/sudo.freebsd
@@ -1,15 +1,11 @@
-# auth
-auth    sufficient    /usr/local/lib/security/pam_krb5.so try_first_pass
-auth    required      pam_unix.so no_warn try_first_pass
+auth      sufficient  /usr/local/lib/security/pam_krb5.so try_first_pass
+auth      required    pam_unix.so no_warn try_first_pass
 
-# account
 account   required    /usr/local/lib/security/pam_krb5.so
 account   required    pam_login_access.so
 account   required    pam_unix.so
 
-# session
 account   required    pam_permit.so
 
-# password
 password  sufficient  /usr/local/lib/security/pam_krb5.so try_first_pass
 password  required    pam_unix.so no_warn try_first_pass
diff --git a/files/etc/profile.d/kde.sh.common b/files/etc/profile.d/kde.sh.desktop
index 010d5c1..010d5c1 100644
--- a/files/etc/profile.d/kde.sh.common
+++ b/files/etc/profile.d/kde.sh.desktop
diff --git a/files/etc/profile.d/kde.sh.laptop b/files/etc/profile.d/kde.sh.laptop
new file mode 120000
index 0000000..a248985
--- /dev/null
+++ b/files/etc/profile.d/kde.sh.laptop
@@ -0,0 +1 @@
+kde.sh.desktop
\ No newline at end of file
diff --git a/files/etc/profile.d/kde.sh.roadwarrior_laptop b/files/etc/profile.d/kde.sh.roadwarrior_laptop
new file mode 120000
index 0000000..a248985
--- /dev/null
+++ b/files/etc/profile.d/kde.sh.roadwarrior_laptop
@@ -0,0 +1 @@
+kde.sh.desktop
\ No newline at end of file