On Tue, 2002-02-19 at 10:37, Bruce A. Locke wrote: > > PAM in Gentoo is currently undergoing a revamp. PAM 0.75-r3 is masked > out and for very good reason, currently passwd is broken and it has > received little testing. Don't play with it unless you know how to work > single user mode. ;) > > PAM 0.75-r3 contains over 50 patches from Redhat to PAM 0.75 and > includes pam_stack and pam_console. > > All entries in /etc/pam.d need to be converted to use pam_stack _after_ > Pam 0.75-r4 is out (which will be the first unmasked with pam_stack) and > tested to make sure they work. The old pam.d files should continue to > work fine until they are updated. Pam 0.75-r4 should be out tomorrow > (assuming I find out why passwd is messing up and I get positive > feedback from developers) > > Several pam.d files need to be removed from the pam package and moved > into the appropriate packages and the shadow package needs to be updated > to remove its version of /etc/login.access. Also, I imagine there are a > few packages that use pam that don't install pam.d files. If you spot > any pam.d files that need to be updated, etc after 0.75-r4 is out please > don't be afraid to fix it or at the very least file a bug report with > [PAM] in its title... one of us trained monkeys will answer your report > in the order it was received... erm... *cough* ;) > > pam_console use in login, etc is currently disabled because > /etc/security/console.perms needs to be updated to make it devfs > friendly. (pam_console is the part of pam that chmod's stuff like the > sound device files, etc to the person logged into the actual physical > console). Anyone who knows devfs well want to volunteer? :) > We need to add the following to /etc/devfsd.conf: ----------------cut here----------------------- # Let PAM manage devfs REGISTER .* CFUNCTION /lib/security/pam_console_apply_devfsd.so pam_console_apply_single $devpath -----------------cut here---------------------- NOTE: the lines after the comment should be only one And the attatched patch applied to PAM to get the required library (i think *g*). > -- > > Bruce A. Locke > blocke@shivan.org > > > _______________________________________________ > gentoo-dev mailing list > gentoo-dev@gentoo.org > http://lists.gentoo.org/mailman/listinfo/gentoo-dev -- Martin Schlemmer Gentoo Linux Developer, Desktop Team Developer Cape Town, South Africa