From c0e3a9f6690cfcefaa390a63c89cfa2f074287ad Mon Sep 17 00:00:00 2001
From: Nathan Holstein <nathan.holstein@gmail.com>
Date: Thu, 6 Aug 2015 01:16:35 -0400
Subject: [PATCH] Add PAM service definition for doas.

These are the same configuration in MacOSX's default service definition
for sudo.
---
 Makefile                   | 4 ++++
 libopenbsd/auth_userokay.c | 2 +-
 pam.d__doas                | 5 +++++
 3 files changed, 10 insertions(+), 1 deletion(-)
 create mode 100644 pam.d__doas

diff --git a/Makefile b/Makefile
index f2277ab..59c4ee7 100644
--- a/Makefile
+++ b/Makefile
@@ -14,3 +14,7 @@ COPTS+= -Wall -Wextra -Werror -pedantic -std=c11
 LDFLAGS+= -lpam
 
 include bsd.prog.mk
+
+/etc/pam.d/doas: pam.d__doas
+	cp $< $@
+install: /etc/pam.d/doas
diff --git a/libopenbsd/auth_userokay.c b/libopenbsd/auth_userokay.c
index ab3d5e0..5565146 100644
--- a/libopenbsd/auth_userokay.c
+++ b/libopenbsd/auth_userokay.c
@@ -27,7 +27,7 @@
 
 #include "openbsd.h"
 
-#define PAM_SERVICE "sudo"
+#define PAM_SERVICE "doas"
 
 #define __UNUSED __attribute__ ((unused))
 
diff --git a/pam.d__doas b/pam.d__doas
new file mode 100644
index 0000000..87551fb
--- /dev/null
+++ b/pam.d__doas
@@ -0,0 +1,5 @@
+# sudo: auth account password session
+auth       required       pam_opendirectory.so
+account    required       pam_permit.so
+password   required       pam_deny.so
+session    required       pam_permit.so
-- 
2.39.2