Re: IDEA: /etc/pam.d/*/*

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, Jul 25, 2004 at 10:57:39AM +0100, Luke Kenneth Casson Leighton wrote:
> there is a minor issue of inter-dependence of packages that may
> be resolved by applying the usual debian approach of 
> "if-it-was-a-config-file-make-it-a-directory".
[snip]
> in other words, the contents of /etc/pam.d/ssh get split into
> a directory, /etc/pam.d/ssh, as follows:
[snip]
> and then, you can install a separate pam-selinux package that
> blats into the mix:
> 
> 800_selinux:
> 
> 	session   required pam_selinux.so
> 
> reckon?

That certainly would provide a way to drop in modules like this, but it
doesn't help solve a very similar problem:  if I want to disable use of
pam_cracklib or pam_passwdqc (or another module which does something
similar), I have to not only remove that line from the configuration
file or section of pam.conf, I have to modify the next line as well to
remove the "use_authtok" flag.

There's a less important problem of making libpam skip over files which
it shouldn't read (for example, automatically-generated "backups" made
by text editors).

Nalin


_______________________________________________

Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux