pam_systemd_home: Use PAM_TEXT_INFO for token prompts

The prompts asking the user to physically authenticate
or confirm presence on a security token are informational
requests for action, not error conditions.

This commit changes the message type to PAM_TEXT_INFO,
which is more appropriate for guiding the user through
the authentication process.

(cherry picked from commit db4b6b70434295aa7799ac74b80a6d708d1f0ba4)
(cherry picked from commit 42e5003bbce299518f496694c398dd6e681218f3)
(cherry picked from commit d5f9526427b3a10a5c5038e94d1fbd497513c534)

diff --git a/src/home/pam_systemd_home.c b/src/home/pam_systemd_home.c
index a730697d02c4e7a614afd32f591afb6ed1543234..d3c492bbbc72f978239d450b880bc1e2f1b27134 100644 (file)
--- a/src/home/pam_systemd_home.c
+++ b/src/home/pam_systemd_home.c
@@ -394,7 +394,7 @@ static int handle_generic_user_record_error(
 
                 assert(secret);
 
-                (void) pam_prompt_graceful(handle, PAM_ERROR_MSG, NULL, _("Please authenticate physically on security token of user %s."), user_name);
+                (void) pam_prompt_graceful(handle, PAM_TEXT_INFO, NULL, _("Please authenticate physically on security token of user %s."), user_name);
 
                 r = user_record_set_pkcs11_protected_authentication_path_permitted(secret, true);
                 if (r < 0)
@@ -405,7 +405,7 @@ static int handle_generic_user_record_error(
 
                 assert(secret);
 
-                (void) pam_prompt_graceful(handle, PAM_ERROR_MSG, NULL, _("Please confirm presence on security token of user %s."), user_name);
+                (void) pam_prompt_graceful(handle, PAM_TEXT_INFO, NULL, _("Please confirm presence on security token of user %s."), user_name);
 
                 r = user_record_set_fido2_user_presence_permitted(secret, true);
                 if (r < 0)
@@ -416,7 +416,7 @@ static int handle_generic_user_record_error(
 
                 assert(secret);
 
-                (void) pam_prompt_graceful(handle, PAM_ERROR_MSG, NULL, _("Please verify user on security token of user %s."), user_name);
+                (void) pam_prompt_graceful(handle, PAM_TEXT_INFO, NULL, _("Please verify user on security token of user %s."), user_name);
 
                 r = user_record_set_fido2_user_verification_permitted(secret, true);
                 if (r < 0)