]> git.ipfire.org Git - thirdparty/systemd.git/commitdiff
projects / thirdparty / systemd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 89065ad)
pam_systemd_home: Use PAM_TEXT_INFO for token prompts
authorVunny Sodhi <vunny.sodhi@unikie.com>
Wed, 21 Jan 2026 10:27:55 +0000 (12:27 +0200)
committerLennart Poettering <lennart@poettering.net>
Wed, 21 Jan 2026 13:18:15 +0000 (14:18 +0100)
The prompts asking the user to physically authenticate
or confirm presence on a security token are informational
requests for action, not error conditions.

This commit changes the message type to PAM_TEXT_INFO,
which is more appropriate for guiding the user through
the authentication process.

src/home/pam_systemd_home.c patch | blob | blame | history

diff --git a/src/home/pam_systemd_home.c b/src/home/pam_systemd_home.c
index 8a4993d1496d8c2a02d7a3f04bac553a1461c83a..c58a3433760be223bfd2e8b3e345baeba77a1ed9 100644 (file)
--- a/src/home/pam_systemd_home.c
+++ b/src/home/pam_systemd_home.c
@@ -432,7 +432,7 @@ static int handle_generic_user_record_error(
 
                 assert(secret);
 
-                (void) pam_prompt_graceful(pamh, PAM_ERROR_MSG, NULL, _("Please authenticate physically on security token of user %s."), user_name);
+                (void) pam_prompt_graceful(pamh, PAM_TEXT_INFO, NULL, _("Please authenticate physically on security token of user %s."), user_name);
 
                 r = user_record_set_pkcs11_protected_authentication_path_permitted(secret, true);
                 if (r < 0)
@@ -443,7 +443,7 @@ static int handle_generic_user_record_error(
 
                 assert(secret);
 
-                (void) pam_prompt_graceful(pamh, PAM_ERROR_MSG, NULL, _("Please confirm presence on security token of user %s."), user_name);
+                (void) pam_prompt_graceful(pamh, PAM_TEXT_INFO, NULL, _("Please confirm presence on security token of user %s."), user_name);
 
                 r = user_record_set_fido2_user_presence_permitted(secret, true);
                 if (r < 0)
@@ -454,7 +454,7 @@ static int handle_generic_user_record_error(
 
                 assert(secret);
 
-                (void) pam_prompt_graceful(pamh, PAM_ERROR_MSG, NULL, _("Please verify user on security token of user %s."), user_name);
+                (void) pam_prompt_graceful(pamh, PAM_TEXT_INFO, NULL, _("Please verify user on security token of user %s."), user_name);
 
                 r = user_record_set_fido2_user_verification_permitted(secret, true);
                 if (r < 0)
Unnamed repository; edit this file 'description' to name the repository.