On Sat, 2005-10-08 at 17:49 -0400, Tom Lane wrote: > Tomas Mraz <tmraz@xxxxxxxxxx> writes: > > Linux-PAM 0.78 and later contains include directive which obsoletes > > using the pam_stack module. > > What does that version translate into in terms of RHEL/Fedora releases? > > What would be an appropriate replacement for a trivial default > config file, eg > > #%PAM-1.0 > auth required pam_stack.so service=system-auth > account required pam_stack.so service=system-auth Such a simple config file is replaced with: #%PAM-1.0 auth include system-auth account include system-auth However things get more complicated if in the existing config there are modules AFTER the pam_stack in the auth, account or password phases. Basically they cannot be there if include is used because in the included file there may be "sufficient" entries. So the new config files must be rearranged so these modules are moved up before the include. But sometimes (for example with pam_nologin) it is not possible because it would change semantics a little bit so it's better to move the pam_nologin to account phase. I'm also introducing a new common config file (config-util) which should be used for all system-config-... utilities which use userhelper. So all these utilities should have the same config: #%PAM-1.0 auth include config-util account include config-util session include config-util -- Tomas Mraz <tmraz@xxxxxxxxxx> -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
