#
# /etc/pam.d/kdm-np - specify the PAM behaviour of kdm for passwordless logins
#
auth       required     pam_nologin.so
auth       required     pam_env.so readenv=1
auth       required     pam_env.so readenv=1 envfile=/etc/default/locale
# SELinux needs to be the first session rule. This ensures that any
# lingering context has been cleared. Without out this it is possible
# that a module could execute code in the wrong domain.
session    [success=ok ignore=ignore module_unknown=ignore default=bad]        pam_selinux.so close
session    required     pam_limits.so
session    required     pam_loginuid.so
@include common-session
# SELinux needs to intervene at login time to ensure that the process
# starts in the proper default security context. Only sessions which are
# intended to run in the user's context should be run after this.
session    [success=ok ignore=ignore module_unknown=ignore default=bad]        pam_selinux.so open
@include common-account
@include common-password
auth       required     pam_permit.so
