On Tue, Jan 09, 2018 at 04:30:56PM +0100, Pavel Březina wrote: > On 01/05/2018 05:21 PM, Zbigniew Jędrzejewski-Szmek wrote: > >On Fri, Jan 05, 2018 at 02:50:45PM +0100, Jan Kurik wrote: > >>= System Wide Change: Make authselect default tool instead of authconfig = > >>https://fedoraproject.org/wiki/Changes/AuthselectAsDefault > > > >Does this change do anything to reduce the number of files in /etc > >that do not contain local configuration? PAM is currently one of the > >worst offenders, with /etc/pam.d full of "configuration" files. > > No. The files must stay since it would require changes in pam itself > and that is out of scope of authselect. Each file corresponds to > individual pam service and is read when pam_start(service_name, ...) > is called. > > >Elsewhere in the thread /usr/share/authselect/custom is metioned as > >directory for admin config. That's OK-ish, as long as you also allow > >a directory in /etc for the same purpose. /usr must be allowed to be > >immutable. > > Would /usr/local be OK as well? /usr/local is special. Packages are not allowed to put stuff there [1], and it is instead an alternate install location that is under the control of the administrator. It seems reasonable to support authselect configuration located there. /usr/share/authselect and /etc/authselect are the two main locations that should be supported, and /usr/local/share/autselect would be an additional option. [1] https://fedoraproject.org/wiki/Packaging:Guidelines#No_Files_or_Directories_under_.2Fsrv.2C_.2Fusr.2Flocal.2C_or_.2Fhome.2F.24USER Zbyszek _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
