add missing pam.d/su portion

2024-05-01 14:41:45 -07:00 · 2024-05-01 14:41:45 -07:00 · dde128ef2d
commit dde128ef2d
parent c14492cf60
1 changed files with 12 additions and 0 deletions
--- a/config.sh
+++ b/config.sh
@ -626,6 +626,18 @@ EOF
  KERNEL_VERSION=$(rpm -q kernel --qf '%{version}-%{release}.%{arch}\n')
  dracut -f /boot/initramfs-${KERNEL_VERSION}.img ${KERNEL_VERSION}
  rm -rf /etc/ssh/ssh_host_*
+
+  # Might not be needed for 10
+  ex -s /etc/pam.d/su <<'EOF'
+/^account\s\+sufficient\s\+pam_succeed_if.so uid = 0 use_uid quiet$/
+:append
+account   [success=1 default=ignore] \\
+        pam_succeed_if.so user = vagrant use_uid quiet
+account   required  pam_succeed_if.so user notin root:vagrant
+.
+:update
+:quit
+EOF
 }

 function vbox_vagrant_steps() {