On Tue, Oct 12, 2021 at 1:13 PM Michael Catanzaro <mcatanzaro@xxxxxxxxx> wrote: > > > This change is well-considered and includes detailed reasoning to > support it. Looks good to me. > > I think the change proposal should be renamed, though, since authselect > would clearly not *actually* be mandatory. Of course you'll risk severe > breakage if you turn it off and edit these low-level configurations > directly, but that is really no different than it was before. > > On Tue, Oct 12 2021 at 11:45:28 AM -0400, Neal Gompa > <ngompa13@xxxxxxxxx> wrote: > > PAM gained support for systemd-style overlay configuration some time > > ago. Actually a number of core system components did, if the libeconf > > dependency is turned on. Instead of forcing authselect, we should > > probably make sure base functional configuration is shipped in > > something like /usr/share/pam/pam.d or something like that. > > That is not possible with nsswitch.conf, though. This proposal is a > good solution to the problems we've had with correctly maintaining > nsswitch.conf. The status quo (see "Therefore we can split users into > four groups:" in the change proposal) is just not good compared to > Fedora's usual quality standards, and this change proposal would > address all of the problems we've had. Also, I'm pretty sure the > scriptlets we currently rely on to maintain correct configurations just > do not work at all on Silverblue/Kinoite/CoreOS (where editing /etc in > RPM scriplets just does not work), and I suspect nobody really knows > what the situation there is for users who have upgraded from older > releases. > Why hasn't the nsswitch.conf situation been fixed to work in /usr/share like it does in /etc? -- 真実はいつも一つ!/ Always, there's only one truth! _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
