session needs to be handled the same way as password, with the possibility of

zero primary modules
author: Steve Langasek <vorlon@debian.org> 2008-08-20 13:06:40 -0700
committer: Steve Langasek <steve.langasek@ubuntu.com> 2019-01-03 17:28:26 -0800
commit: 35655bef4d75cc6deafc7a2ada0527ff222215ee (patch)
tree: ddd1980535858c7cf50773b63ead052551bba226 /debian/local/common-session
parent: 5063352e424603ec5b878b62dc5a6c61bf215662 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/debian/local/common-session b/debian/local/common-session
index 19377017..5856d109 100644
--- a/debian/local/common-session
+++ b/debian/local/common-session
@@ -15,7 +15,9 @@
 # here are the per-package modules (the "Primary" block)
 $session_primary
 # here's the fallback if no module succeeds
-session	requisite			pam_deny.so
+# this is obviously a completely redundant line, except that it lets us
+# handle better the case where there are no "Primary" modules provided
+session	required			pam_permit.so
 # prime the stack with a positive return value if there isn't one already;
 # this avoids us returning an error just because nothing sets a success code
 # since the modules above will each just jump around
author	Steve Langasek <vorlon@debian.org>	2008-08-20 13:06:40 -0700
committer	Steve Langasek <steve.langasek@ubuntu.com>	2019-01-03 17:28:26 -0800
commit	35655bef4d75cc6deafc7a2ada0527ff222215ee (patch)
tree	ddd1980535858c7cf50773b63ead052551bba226 /debian/local/common-session
parent	5063352e424603ec5b878b62dc5a6c61bf215662 (diff)