[arch-dev-public] PAM config rework
Dave Reisner
d at falconindy.com
Sat Jun 2 19:42:20 EDT 2012
Hey all,
I'll be pushing a package into testing this weekend by the name of
'pambase'. The name and basis for this package comes from Gentoo. I'd
like for this to live in [core] and become a dependency of PAM (as well
as absorb /etc/pam.d/other).
pambase will provide a few common PAM configuration files which other
services can draw from (essentially implementing an ancient FS [1]). For
example, it shrinks a useful /etc/pam.d/login down to the following:
auth required pam_securetty.so
auth include system-local-login
account include system-local-login
session include system-local-login
In the short term, util-linux will be rebuilt to enable binaries from
its login-utils subdirectory: login, chfn, chsh, vigr, vipw, and newgrp.
They'll disappear from shadow, and I suspect that over time, more of
shadow's utils will re-appear in util-linux (with the benefit of a more
active and responsive maintainer/community).
In the long term, other utilities are encouraged to adopt these common
PAM files.
Until I actually release the package, I've left a source tarball on
gerolde, for interested parties to review [2].
Cheers,
Dave
[1] https://bugs.archlinux.org/task/17188
[2] http://dev.archlinux.org/~dreisner/pambase-20120602-1.src.tar.gz
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-dev-public/attachments/20120602/4572137f/attachment.asc>
More information about the arch-dev-public
mailing list