[arch-general] pambase update now requires explicit service files in /etc/pam.d/ - dovecot affected
Amish
anon.amish at gmail.com
Sat Feb 9 01:21:23 UTC 2019
On 09/02/19 12:50 am, David C. Rankin wrote:
> All,
>
> With the latest change to pambase, e.g.
>
> https://git.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/pambase&id=3552aba772e8bebbe754a4d01f2729e291dd2070
>
> if you have services that rely on pam authentication, such as dovecot, etc..,
> you will find that your applications an no longer authenticate using pam until
> you install a specific pam service in /etc/pam.d for that application,
Although this change is probably not going to affect me
but may be this should have been done in two releases.
First release where pam_unix.so lines are kept as it is
but with new pam_warn.so lines too.
This will start throwing warning in log but services will
continue to work. Hence alerting the administrator
instead of breaking service all-of-sudden.
And then in some future release switch pam_unix.so to
pam_deny.so.
I would also suggest to have a message displayed by
pacman after upgrade.
Regards,
Amish.
More information about the arch-general
mailing list