On Wed, 2007-12-19 at 16:55 +0100, Christopher Aillon wrote: > On 12/19/2007 03:48 PM, Patrice Dumas wrote: > > On Wed, Dec 19, 2007 at 09:28:22AM -0500, Matthias Clasen wrote: > >>> We don't have necessarily time to do such things. Many people in fedora > >>> are benevolent. > >>> > >>> Anyway why not do a pam module such that all the login systems (be it > >>> wdm, xdm, console login...) can benefit from it? We have a wondefully > >>> modular system for everything that can take place on login, this would > >>> ease life for a lot of people, and allow for choice of UI instead of > >>> tying those who don't have the money to pay programmers to UI they don't > >>> like. > >> > >> Don't let Nalin hear that... > > > > I don't really understand your comment. > > Nalin (the pam maintainer in Fedora), is very much against using pam > modules in non-authentication ways. Yes, we know that other things do > it. That doesn't mean we should keep doing it. Hmm, I have been the pam maintainer in Fedora (and RHEL) already for 3 years. Nalin was the previous maintainer. I'm not really sure what Nalin means by using pam modules in non-authentication ways and which problems are brought by such modules. Pulseaudio could be probably started by pam_exec module. But if it should run under the uid/gid of the user it would be more appropriate to run it from the user's login session directly. Running things from PAM modules should be reserved for things which require root priviledges. -- Tomas Mraz No matter how far down the wrong road you've gone, turn back. Turkish proverb -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list