Gentoo Archives: gentoo-dev

From: "Bruce A. Locke" <blocke@××××××.org>
To: gentoo-dev@g.o
Subject: [gentoo-dev] pam 0.75-r3...
Date: Tue, 19 Feb 2002 02:38:23
Message-Id: 1014107826.11973.13.camel@kodiak.chronospace.org
PAM in Gentoo is currently undergoing a revamp.  PAM 0.75-r3 is masked
out and for very good reason, currently passwd is broken and it has
received little testing.  Don't play with it unless you know how to work
single user mode. ;)

PAM 0.75-r3 contains over 50 patches from Redhat to PAM 0.75 and
includes pam_stack and pam_console.

All entries in /etc/pam.d need to be converted to use pam_stack _after_
Pam 0.75-r4 is out (which will be the first unmasked with pam_stack) and
tested to make sure they work.  The old pam.d files should continue to
work fine until they are updated.  Pam 0.75-r4 should be out tomorrow
(assuming I find out why passwd is messing up and I get positive
feedback from developers)

Several pam.d files need to be removed from the pam package and moved
into the appropriate packages and the shadow package needs to be updated
to remove its version of /etc/login.access.  Also, I imagine there are a
few packages that use pam that don't install pam.d files.  If you spot
any pam.d files that need to be updated, etc after 0.75-r4 is out please
don't be afraid to fix it or at the very least file a bug report with
[PAM] in its title... one of us trained monkeys will answer your report
in the order it was received... erm... *cough* ;)

pam_console use in login, etc is currently disabled because
/etc/security/console.perms needs to be updated to make it devfs
friendly.  (pam_console is the part of pam that chmod's stuff like the
sound device files, etc to the person logged into the actual physical
console).  Anyone who knows devfs well want to volunteer? :)

-- 

Bruce A. Locke
blocke@××××××.org

Replies

Subject Author
Re: [gentoo-dev] pam 0.75-r3... Martin Schlemmer <azarah@g.o>