[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: pam.d [Re: LDAP Authentication]

That's a good point - in Solaris and HP-UX there's a single /etc/pam.conf file which controls all aspects of authentication on those OSs, which makes sysadmin's job much easier.  But I can see /etc/pam.d/* being a good thing for software developers.  Plus, according to the documentation (assuming it's still correct on this), if /etc/pam.d directory exists, the framework will ignore /etc/pam.conf, which is a slippery slope considering software installation and upgrades.  So, I think that creating a single /etc/pam.conf is out of the question now, thanks for the info.

-----Original Message-----
From: Jim Wildman [mailto:jim rossberry com]
Sent: Tuesday, September 09, 2003 3:08 PM
To: pam-list redhat com
Subject: Re: pam.d [Re: LDAP Authentication]

pam.d (and its *.d brethren) make management by package software (rpm,
apt) MUCH easier.  Instead of having to sed -e s/something/someting/
/etc/pam.conf (with all the risks and vpitfalls) the package just drops
a new file in the appropriate .d directory and perhaps hups the service.
very nice and clean.  

I would not recommend combining them unless you are ready to fix it
again for every update of every package that has a file in pam.d.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]