Use PAM properly, which allows us to handle other auth types
Previously I was just presenting a static username/password box, and then running PAM with pre-set credentials. This works just fine when PAM is expecting a username and password, but if it's expecting something like a fingerprint scan or a hardware security token, this wouldn't entirely work right. Well, it would "work", but the username/password dialog would be displayed, and then hitting "Unlock" would start a different auth process with no visible feedback as to what's supposed to happen. This also means I need to switch PAM wrapper crates; the one I was using before did not allow passing a fixed username to the underlying pam_start() call, which meant that PAM would try to prompt the user for it, which is not what we want.
This commit is contained in:
@ -14,5 +14,5 @@ gtk-sys = "0.15"
|
||||
gdk-sys = "0.15"
|
||||
gdkx11 = "0.15"
|
||||
log = "0.4"
|
||||
pam = "0.7"
|
||||
pam-client = "0.5"
|
||||
shell-words = "1"
|
||||
|
||||
Reference in New Issue
Block a user