On Tue, Jan 31, Mike Becher wrote: > 1) My patch includes creation of missed manual login.access.5. Yes, that needs to be removed from Makefile.am. I discussed this with the other main Linux-PAM developers and we agree that we don't wish to have the compat code in it. > 2) If we check if inet_ntop, inet_pton and yp_get_default_domain exists > then we should provide some alternativ if configure will them not found. That's something which needs to be fixed in another way. Instead of yp_get_default_domain domainname() should be used. Meand we would also get ride of -lnsl. But are there really systems which don't provide that function? > 3) Some correctness in access.conf.5. Are there real content changes? I could only find reformating. access.conf.5 is now generated from a xml file, I fixed all the bugs in it yesterday evening, attached is my latest revesion. I removed for example this "su" service from it, su sets PAM_TTY, so a rule with servie "su" will never work. Services, which set PAM_RHOSTS or PAM_TTY cannot by used with their name. There where also comments about group membership, but pam_access does not have code for this. Thorsten -- Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk@xxxxxxx SUSE LINUX Products GmbH Maxfeldstr. 5 D-90409 Nuernberg -------------------------------------------------------------------- Key fingerprint = A368 676B 5E1B 3E46 CFCE 2D97 F8FD 4E23 56C6 FB4B
Attachment:
pam_access.diff.gz
Description: application/gunzip
_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
