On Mon, 2007-06-18 at 18:10 +0200, Tomas Mraz wrote: > On Fri, 2007-06-15 at 13:46 -0800, Jeff Spaleta wrote: > > On 6/15/07, Denis Leroy <denis@xxxxxxxxxxxxx> wrote: > > > Should it use a scriptlet that modifies /etc/pam.d/gdm in > > > %post (see http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=232857 ). > > > > It should just work for default desktop installs moving forward. I > > frankly don't care how. > > > > > Or add a patch to the gdm package and make it require pam_keyring ? > > > > uhm should avoid making this a hard requirement for gdm. Can pam deal > > with a scenario > > where pam_keyring is referenced as an optional rule in the auth stack > > but the pam_keyring module is not actually installed? And don't we at > > least have to also consider this being used in the pam stack for kdm, > > since kdm can start a gnome desktop session? > Pam deals with it fine (allows login for nonexistent 'optional' > modules), but it will issue a nasty warning in syslog. I think that > editing gdm config within a %post script is fine. Editing pam configs in package scriptlets strikes me as a really bad idea... it's not something that's ever been done and so a lot of people are going to get very surprised by it. Especially if they've customized their configs at all. And doing it once is going to set the precedent for it to be done more... Jeremy -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list