1 |
frank goossens writes: |
2 |
> hello list; |
3 |
> while running etc-update after emerging pam-login-3.14, i noticed that the |
4 |
> line: |
5 |
> |
6 |
> account required /lib/security/pam_access.so |
7 |
> |
8 |
> is to be removed from /etc/pam.d/login. as i am using a non-default |
9 |
> /etc/security/access.conf, this would remove a number of restrictions from |
10 |
> my system. |
11 |
|
12 |
At least on my instalation, it seems that the /etc/pam.d/system-auth |
13 |
file takes care of all system authentication, and the other pam files |
14 |
only include it through pam_stack.so. Therefore, at least for most |
15 |
purposes, the only place you would need to enable pam_access would |
16 |
be in /etc/pam.d/system-auth. |
17 |
|
18 |
So my guess is that since /etc/pam.d/login includes |
19 |
/etc/pam.d/system-auth via pam_stack, it is unnecessary to enable |
20 |
pam_access.conf explicitly there, so it might have been removed |
21 |
for consistency, but without altering behavior. |
22 |
|
23 |
Bruno T. C. de Oliveira |
24 |
GNU/Linux network, Univerdade de São Paulo - Brazil |
25 |
btco@×××××××××××××.br |
26 |
|
27 |
|
28 |
-- |
29 |
gentoo-security@g.o mailing list |