[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Deprecating pam_stack.so

Tomas Mraz wrote:

Linux-PAM 0.78 and later contains include directive which obsoletes
using the pam_stack module. This module is rather a hack as it requires
access to pam library internals for its operation and will never be
accepted to upstream.

Thank you.  Simplifying PAM configuration was badly needed.

I have a few wishlist entries to submit, if you have time to
consider them:

- For some reason, pam_ldap interacts strangely with pam_unix.
  Even tough pam_unix comes before it and is "sufficient",
  nobody can login when the network is down or slapd is down.
  Also, you can login as root with root's password from ldap
  even tough there's a valid root entry in /etc/passwd.

- Many pam.d files still use the absolute path "/lib/security/$ISA/"
  that doesn't seem to be useful anymore and looks weird on
  bi-arch systems such as x86_64.

- Something similar of pam_ssh would be much cleaner than the
  current hack of running ssh-agent in GDM's session.  gpg-agent
  support would also be welcome.

 // Bernardo Innocenti - Develer S.r.l., R&D dept.
\X/  http://www.develer.com/

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]