On Wed, Sep 06, seth vidal wrote: > Hi, > On our systems we use pam_access quite extensively. We have a base-set > of rules we apply to every server and then some servers require special > rules. We'd love to be able to use something like: > > /etc/security/access.conf <-- default rules > /etc/security/access.conf.d/*.conf <-- additional rules concatenated > onto the end of the whole set. > > Just like with all the other .d directory changes it would allow us to > drop a file onto the system to let that work w/o having to modify the > access.conf itself. The problem is: the order is important, the first matched rule found will be used. with a .d directory, you don't have this control anymore and you can get bad side effects, depending on at which time which files are created. Thorsten -- Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk@xxxxxxx SUSE LINUX Products GmbH Maxfeldstr. 5 D-90409 Nuernberg -------------------------------------------------------------------- Key fingerprint = 8C6B FD92 EE0F 42ED F91A 6A73 6D1A 7F05 2E59 24BB _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
