New updated Linux-PAM module need some testing...

ratler at lunar-linux.org ratler at lunar-linux.org
Tue Oct 26 07:12:53 UTC 2004



On Mon, 25 Oct 2004, Auke Kok wrote:

> ratler at lunar-linux.org wrote:
>> ...any volounteers?
>> 
>> The module now contain some very useful pam modules such as pam_stack and 
>> pam_console and a few more. First reason I wanted to fix this module was 
>> because in some rare conditions a bug in PAM made public keys in ssh to 
>> fail when sshd had UsePAM yes enabled. Or rather the key work, but pam 
>> session returned error making the session to terminate.
>> 
>> Anyway, i removed a few pam.d/ files that I think should be moved to it's 
>> own lunar module. If this module work (for the few that still use PAM) im 
>> going to modify all pam.d files to use pam_stack, such as xserver, xdm, 
>> kdm, sshd, login and probably a few more, that way a user only have to 
>> modify system-auth and the changes apply to all pam aware apps.
>> 
>> Module can be downloaded at http://people.su.se/~swold/Linux-PAM.tar.bz2
>
> works OOTB as far as I can see, can you produce a set of pam.d files and 
> preferably diffs what is going to change in the future?
>
> PS I hereby nominate you Knight of PAM :^P
>

Great. Yea I will go through all PAM aware apps and fix a diff for those 
pam.d files that need changes, however I just want to point out that all 
the current pam.d files will work without _any_ problems with the new 
Linux-PAM module, so no cause of alarm. The changes I'm going to make will 
just make global settings easier to do, edit one file instead of all when 
you want to modify PAM's behavior.

I have one question to you though sofar, the pam.d code in the core, it 
doesn't replace /etc/pam.d files does it?

Best regards
Stefan Wold



More information about the Lunar-dev mailing list