/etc/pam.d/lightdm-autologin is in lightdm 1.18.3-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 | #%PAM-1.0
# Block login if they are globally disabled
auth requisite pam_nologin.so
# Load environment from /etc/environment and ~/.pam_environment
session required pam_env.so readenv=1
session required pam_env.so readenv=1 envfile=/etc/default/locale
# Allow access without authentication
auth required pam_succeed_if.so user != root quiet_success
auth required pam_permit.so
@include common-account
# SELinux needs to be the first session rule. This ensures that any
# lingering context has been cleared. Without out this it is possible
# that a module could execute code in the wrong domain.
# When the module is present, "required" would be sufficient (When SELinux
# is disabled, this returns success.)
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
session required pam_limits.so
session required pam_loginuid.so
@include common-session
# SELinux needs to intervene at login time to ensure that the process
# starts in the proper default security context. Only sessions which are
# intended to run in the user's context should be run after this.
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
# When the module is present, "required" would be sufficient (When SELinux
# is disabled, this returns success.)
# Can't change password
password required pam_deny.so
@include common-password
|