[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pam.conf/pam.d behavior



Erik Troan wrote:
> We've found it necessary to have pam look for services in /etc/pam.conf if
> they don't have an entry in /etc/pam.d, even if that directory doesn't exist.
> This is the only behavior which will allow seamless upgrades from the
> /etc/pam.conf style of configuration files.

My thoughts on "seamless upgrades" were to run the conversion binary ;^)

It does have the disadvantage of not transcribing the comments in the
original pam.conf file. However, it seems to work very solidly. (I've not
had a single complaint.)

> I think the patch below will do this. I'm not sure it should be the default
> behaviour (though it certainly could be), but it would be nice if the patch
> were available through a #define or the patch is included in the PAM 
> distribution for those folks who need it.
> 
> At any rate, please look over this patch and let me know if I missed something.

The patch looks small, so if there are no other complaints I will #ifdef it
into the library. (The relevant #define will have to be turned on
pre-compilation in the libpam/Makefile).

I'll take a look more closely, when I have the source code in front of me
(its at home but I'm not).

Cheers

Andrew
-- 
               Linux-PAM, libpwdb, Orange-Linux and Linux-GSS
                  http://parc.power.net/morgan/index.html
       [ For those that prefer FTP  ---  ftp://ftp.lalug.org/morgan ]



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []