diff options
Diffstat (limited to 'roles/local_homedirs/tasks')
-rw-r--r-- | roles/local_homedirs/tasks/main.yml | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/roles/local_homedirs/tasks/main.yml b/roles/local_homedirs/tasks/main.yml index 7e90959..2a5859f 100644 --- a/roles/local_homedirs/tasks/main.yml +++ b/roles/local_homedirs/tasks/main.yml @@ -26,6 +26,20 @@ when: local_homedir_sefcontext.changed tags: selinux +- name: copy kwallet script + copy: + src: '{{ local_homedir_kwallet_script[1:] }}' + dest: '{{ local_homedir_kwallet_script }}' + mode: 0555 + setype: xdm_unconfined_exec_t + +- name: set xdm_unconfined_exec_t sefcontext on kwallet script + sefcontext: + target: '{{ local_homedir_kwallet_script }}' + state: present + setype: xdm_unconfined_exec_t + tags: selinux + - name: copy profile script copy: src: etc/profile.d/local-homedirs.sh @@ -65,6 +79,14 @@ - auth optional pam_env.so conffile={{ local_homedir_pam_env_path }} when: "'sddm' in ansible_facts.packages" +- name: modify sddm PAM configuration for kwallet + lineinfile: + path: /etc/pam.d/sddm + line: auth optional pam_exec.so {{ local_homedir_kwallet_script }} + insertafter: auth\s+optional\s+pam_kwallet\.so$ + state: present + when: "'sddm' in ansible_facts.packages" + - name: modify pam configs for sshd lineinfile: path: /etc/pam.d/sshd |