On 09/02/19 12:50 am, David C. Rankin wrote:
All,
With the latest change to pambase, e.g.
https://git.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/pamb...
if you have services that rely on pam authentication, such as dovecot, etc.., you will find that your applications an no longer authenticate using pam until you install a specific pam service in /etc/pam.d for that application,
Although this change is probably not going to affect me but may be this should have been done in two releases.
First release where pam_unix.so lines are kept as it is but with new pam_warn.so lines too.
This will start throwing warning in log but services will continue to work. Hence alerting the administrator instead of breaking service all-of-sudden.
And then in some future release switch pam_unix.so to pam_deny.so.
I would also suggest to have a message displayed by pacman after upgrade.
Regards,
Amish.