search

nullpo-head / WSL-Hello-sudo

Let's sudo by face recognition of Windows Hello on Windows Subsystem for Linux (WSL). It runs on both WSL 1 and WSL 2. This is a PAM module for Linux on WSL.
MIT License
1.22k stars 47 forks source link

Any idea why on WSL2 PAM modules are not loaded on login (for example pam_env)? #49

Open trallnag opened 2 years ago

trallnag commented 2 years ago

I noticed that on WSL2 /etc/environment is not getting parsed even though Linux-PAM seems to be configured correctly. If I execute sudo login the /etc/environment is parsed. So it seems like there is something missing / wrong about how WSL handles the distribution.

Am I missing something obvious? Asking here because it seems like you know how to get Linux-PAM to properly work with WSL2.

Related:

eternalphane commented 2 years ago

Here's a workaround to start WSL in PAM session from Windows Terminal:

~/.bashrc

...

# wsl login shell
if [ -n "$_WSL_PREV_PATH" ]; then
    export PATH="$_WSL_PREV_PATH"
    unset _WSL_PREV_PATH
fi
if [ -n "$_WSL_PREV_PWD" ]; then
    cd "$_WSL_PREV_PWD"
    unset _WSL_PREV_PWD
fi

...

~/.local/bin/wsl-login

#!/bin/bash

export _WSL_PREV_PATH="$PATH"
export _WSL_PREV_PWD="$PWD"
exec sudo -E "$HOME/.local/sbin/wsl-login-helper"

~/.local/sbin/wsl-login-helper

#!/bin/bash

if [ $(id -u) = 0 ]; then
    user="$SUDO_USER"
    unset "${!SUDO_@}"
    exec login -p -f "$user"
fi

/etc/sudoers.d/wsl-login-helper

<username>    ALL=(ALL) NOPASSWD:SETENV: /home/<username>/.local/sbin/wsl-login-helper

command line setting in Windows Terminal

C:\Windows\system32\wsl.exe -d Debian --shell-type login wsl-login