From 88ed65148a1913f5208ed87945f96513f16eb2ac Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= <mail@3v1n0.net>
Date: Wed, 28 Feb 2024 01:57:33 +0100
Subject: [PATCH] gdm-session-worker: Start pam services from defined
 configuration dir

GDM options allow to define where the pam services should be installed,
so use this directory to load them instead of using the system one as
libpam does by default.

This is safer since we are sure we are loading the profiles in the
prefix gdm is installed only, and also helps running gdm in jhbuild :)
---
 daemon/gdm-session-worker.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/daemon/gdm-session-worker.c b/daemon/gdm-session-worker.c
index d3e008b96..b2db680e8 100644
--- a/daemon/gdm-session-worker.c
+++ b/daemon/gdm-session-worker.c
@@ -1234,10 +1234,11 @@ gdm_session_worker_initialize_pam (GdmSessionWorker   *worker,
         pam_conversation.appdata_ptr = worker;
 
         gdm_session_worker_start_auditor (worker);
-        error_code = pam_start (service,
-                                username,
-                                &pam_conversation,
-                                &worker->pam_handle);
+        error_code = pam_start_confdir (service,
+                                        username,
+                                        &pam_conversation,
+                                        PAM_PROFILES_DIR,
+                                        &worker->pam_handle);
         if (error_code != PAM_SUCCESS) {
                 g_debug ("GdmSessionWorker: could not initialize PAM: (error code %d)", error_code);
                 /* we don't use pam_strerror here because it requires a valid
-- 
GitLab