`pam_kanidm` doesn't set AUTHTOK after reading from user input, so modules down the stack will have to ask for passwords redundantly. This is only a workaround, and might not be the desired behaviour in all cases.
This change adds documentation on how to set up OpenID connect with
Miniflux, a feedreader application.
Miniflux currently does not support PKCE, and I've therefore raised and
upstream issue, that I reference in the book section.
* selinux is an optional feature
* unix_integration: add selinux config option
On SELinux systems, this setting controls whether SELinux relabeling of
newly created home directories should be performed. The default value of
this is on (even on non-SELinux systems), but the tasks daemon will
perform an additional runtime check for SELinux support and will disable
this feature automatically if this check fails.
* unix_integration: wire up home dir selinux labeling
* unix_integration: create equivalence rules in SELinux policy for aliases
* book: document selinux setting
* Add myself to CONTRIBUTORS.md
Signed-off-by: Kenton Groombridge <concord@gentoo.org>
* removed old todo from #62
* implemented proper display for user_auth_token_session
* auth-token-session display fixes
* updated contributors list
---------
Co-authored-by: Firstyear <william@blackhats.net.au>
* Update CONTRIBUTORS
* Fix debian & ubuntu packaging
* Use standard way to install pam config
* Fix simple_pkg.sh & add pam nss instructions
* Merge ssh with unixd; update CI to build for multiple os versions; upload packages to artifacts
* feat: add unix passwod reset to security web ui
* refactor: fetch profile info in ViewsApp
prevents constant re-fetching of the profile page and allows every view
to access the current_user property
* refactor: move unix password change to component
* docs: add @theSuess to contributors
* fix: further specify kind of password updated
* refactor: perform validity check before submit
* chore: regenerate vendored wasm package
- Fix volume mount name typo in the server configuration and
administrivia documentation pages
- Fix typo in link from PAM and nsswitch documentation
Signed-off-by: Kellin <kellin@retromud.org>
* Use pkg-config to link against pam
Some distros, such as nixos, require more than just '-lpam' to locate
the library. Adding a naive pkg-config invocation to the pam FFI
crate allows pam_kanidm to build on my system, where before this change
it did not.
* Update contributors
Add myself, as requested
Fixes#195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
