[arch-dev-public] PAM config rework

Dave Reisner d at falconindy.com
Sat Jun 2 19:42:20 EDT 2012

Hey all,

I'll be pushing a package into testing this weekend by the name of
'pambase'. The name and basis for this package comes from Gentoo. I'd
like for this to live in [core] and become a dependency of PAM (as well
as absorb /etc/pam.d/other).

pambase will provide a few common PAM configuration files which other
services can draw from (essentially implementing an ancient FS [1]). For
example, it shrinks a useful /etc/pam.d/login down to the following:

  auth       required     pam_securetty.so
  auth       include      system-local-login
  account    include      system-local-login
  session    include      system-local-login

In the short term, util-linux will be rebuilt to enable binaries from
its login-utils subdirectory: login, chfn, chsh, vigr, vipw, and newgrp.
They'll disappear from shadow, and I suspect that over time, more of
shadow's utils will re-appear in util-linux (with the benefit of a more
active and responsive maintainer/community).

In the long term, other utilities are encouraged to adopt these common
PAM files.

Until I actually release the package, I've left a source tarball on
gerolde, for interested parties to review [2].


[1] https://bugs.archlinux.org/task/17188
[2] http://dev.archlinux.org/~dreisner/pambase-20120602-1.src.tar.gz
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-dev-public/attachments/20120602/4572137f/attachment.asc>

More information about the arch-dev-public mailing list