| 1 |
On Tue, 2002-02-19 at 10:37, Bruce A. Locke wrote: |
| 2 |
> |
| 3 |
> PAM in Gentoo is currently undergoing a revamp. PAM 0.75-r3 is masked |
| 4 |
> out and for very good reason, currently passwd is broken and it has |
| 5 |
> received little testing. Don't play with it unless you know how to work |
| 6 |
> single user mode. ;) |
| 7 |
> |
| 8 |
> PAM 0.75-r3 contains over 50 patches from Redhat to PAM 0.75 and |
| 9 |
> includes pam_stack and pam_console. |
| 10 |
> |
| 11 |
> All entries in /etc/pam.d need to be converted to use pam_stack _after_ |
| 12 |
> Pam 0.75-r4 is out (which will be the first unmasked with pam_stack) and |
| 13 |
> tested to make sure they work. The old pam.d files should continue to |
| 14 |
> work fine until they are updated. Pam 0.75-r4 should be out tomorrow |
| 15 |
> (assuming I find out why passwd is messing up and I get positive |
| 16 |
> feedback from developers) |
| 17 |
> |
| 18 |
> Several pam.d files need to be removed from the pam package and moved |
| 19 |
> into the appropriate packages and the shadow package needs to be updated |
| 20 |
> to remove its version of /etc/login.access. Also, I imagine there are a |
| 21 |
> few packages that use pam that don't install pam.d files. If you spot |
| 22 |
> any pam.d files that need to be updated, etc after 0.75-r4 is out please |
| 23 |
> don't be afraid to fix it or at the very least file a bug report with |
| 24 |
> [PAM] in its title... one of us trained monkeys will answer your report |
| 25 |
> in the order it was received... erm... *cough* ;) |
| 26 |
> |
| 27 |
> pam_console use in login, etc is currently disabled because |
| 28 |
> /etc/security/console.perms needs to be updated to make it devfs |
| 29 |
> friendly. (pam_console is the part of pam that chmod's stuff like the |
| 30 |
> sound device files, etc to the person logged into the actual physical |
| 31 |
> console). Anyone who knows devfs well want to volunteer? :) |
| 32 |
> |
| 33 |
|
| 34 |
We need to add the following to /etc/devfsd.conf: |
| 35 |
|
| 36 |
----------------cut here----------------------- |
| 37 |
# Let PAM manage devfs |
| 38 |
REGISTER .* CFUNCTION |
| 39 |
/lib/security/pam_console_apply_devfsd.so pam_console_apply_single |
| 40 |
$devpath |
| 41 |
-----------------cut here---------------------- |
| 42 |
|
| 43 |
NOTE: the lines after the comment should be only one |
| 44 |
|
| 45 |
And the attatched patch applied to PAM to get the required |
| 46 |
library (i think *g*). |
| 47 |
|
| 48 |
> -- |
| 49 |
> |
| 50 |
> Bruce A. Locke |
| 51 |
> blocke@××××××.org |
| 52 |
> |
| 53 |
> |
| 54 |
> _______________________________________________ |
| 55 |
> gentoo-dev mailing list |
| 56 |
> gentoo-dev@g.o |
| 57 |
> http://lists.gentoo.org/mailman/listinfo/gentoo-dev |
| 58 |
-- |
| 59 |
|
| 60 |
Martin Schlemmer |
| 61 |
Gentoo Linux Developer, Desktop Team Developer |
| 62 |
Cape Town, South Africa |
Archives