That's a good point - in Solaris and HP-UX there's a single /etc/pam.conf file which controls all aspects of authentication on those OSs, which makes sysadmin's job much easier. But I can see /etc/pam.d/* being a good thing for software developers. Plus, according to the documentation (assuming it's still correct on this), if /etc/pam.d directory exists, the framework will ignore /etc/pam.conf, which is a slippery slope considering software installation and upgrades. So, I think that creating a single /etc/pam.conf is out of the question now, thanks for the info. -----Original Message----- From: Jim Wildman [mailto:jim@xxxxxxxxxxxxx] Sent: Tuesday, September 09, 2003 3:08 PM To: pam-list@xxxxxxxxxx Subject: Re: pam.d [Re: LDAP Authentication] pam.d (and its *.d brethren) make management by package software (rpm, apt) MUCH easier. Instead of having to sed -e s/something/someting/ /etc/pam.conf (with all the risks and vpitfalls) the package just drops a new file in the appropriate .d directory and perhaps hups the service. very nice and clean. I would not recommend combining them unless you are ready to fix it again for every update of every package that has a file in pam.d. _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
