public inbox for gentoo-dev@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-dev] pam 0.75-r3...
@ 2002-02-19  8:37 Bruce A. Locke
  2002-02-19 20:01 ` Martin Schlemmer
  0 siblings, 1 reply; 2+ messages in thread
From: Bruce A. Locke @ 2002-02-19  8:37 UTC (permalink / raw
  To: gentoo-dev

PAM in Gentoo is currently undergoing a revamp.  PAM 0.75-r3 is masked
out and for very good reason, currently passwd is broken and it has
received little testing.  Don't play with it unless you know how to work
single user mode. ;)

PAM 0.75-r3 contains over 50 patches from Redhat to PAM 0.75 and
includes pam_stack and pam_console.

All entries in /etc/pam.d need to be converted to use pam_stack _after_
Pam 0.75-r4 is out (which will be the first unmasked with pam_stack) and
tested to make sure they work.  The old pam.d files should continue to
work fine until they are updated.  Pam 0.75-r4 should be out tomorrow
(assuming I find out why passwd is messing up and I get positive
feedback from developers)

Several pam.d files need to be removed from the pam package and moved
into the appropriate packages and the shadow package needs to be updated
to remove its version of /etc/login.access.  Also, I imagine there are a
few packages that use pam that don't install pam.d files.  If you spot
any pam.d files that need to be updated, etc after 0.75-r4 is out please
don't be afraid to fix it or at the very least file a bug report with
[PAM] in its title... one of us trained monkeys will answer your report
in the order it was received... erm... *cough* ;)

pam_console use in login, etc is currently disabled because
/etc/security/console.perms needs to be updated to make it devfs
friendly.  (pam_console is the part of pam that chmod's stuff like the
sound device files, etc to the person logged into the actual physical
console).  Anyone who knows devfs well want to volunteer? :)

-- 

Bruce A. Locke
blocke@shivan.org




^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: [gentoo-dev] pam 0.75-r3...
  2002-02-19  8:37 [gentoo-dev] pam 0.75-r3 Bruce A. Locke
@ 2002-02-19 20:01 ` Martin Schlemmer
  0 siblings, 0 replies; 2+ messages in thread
From: Martin Schlemmer @ 2002-02-19 20:01 UTC (permalink / raw
  To: Gentoo-Dev


[-- Attachment #1.1: Type: text/plain, Size: 2498 bytes --]

On Tue, 2002-02-19 at 10:37, Bruce A. Locke wrote:
> 
> PAM in Gentoo is currently undergoing a revamp.  PAM 0.75-r3 is masked
> out and for very good reason, currently passwd is broken and it has
> received little testing.  Don't play with it unless you know how to work
> single user mode. ;)
> 
> PAM 0.75-r3 contains over 50 patches from Redhat to PAM 0.75 and
> includes pam_stack and pam_console.
> 
> All entries in /etc/pam.d need to be converted to use pam_stack _after_
> Pam 0.75-r4 is out (which will be the first unmasked with pam_stack) and
> tested to make sure they work.  The old pam.d files should continue to
> work fine until they are updated.  Pam 0.75-r4 should be out tomorrow
> (assuming I find out why passwd is messing up and I get positive
> feedback from developers)
> 
> Several pam.d files need to be removed from the pam package and moved
> into the appropriate packages and the shadow package needs to be updated
> to remove its version of /etc/login.access.  Also, I imagine there are a
> few packages that use pam that don't install pam.d files.  If you spot
> any pam.d files that need to be updated, etc after 0.75-r4 is out please
> don't be afraid to fix it or at the very least file a bug report with
> [PAM] in its title... one of us trained monkeys will answer your report
> in the order it was received... erm... *cough* ;)
> 
> pam_console use in login, etc is currently disabled because
> /etc/security/console.perms needs to be updated to make it devfs
> friendly.  (pam_console is the part of pam that chmod's stuff like the
> sound device files, etc to the person logged into the actual physical
> console).  Anyone who knows devfs well want to volunteer? :)
> 

We need to add the following to /etc/devfsd.conf:

----------------cut here-----------------------
# Let PAM manage devfs
REGISTER       .*              CFUNCTION
/lib/security/pam_console_apply_devfsd.so pam_console_apply_single
$devpath
-----------------cut here----------------------

NOTE: the lines after the comment should be only one

And the attatched patch applied to PAM to get the required
library (i think *g*).

> -- 
> 
> Bruce A. Locke
> blocke@shivan.org
> 
> 
> _______________________________________________
> gentoo-dev mailing list
> gentoo-dev@gentoo.org
> http://lists.gentoo.org/mailman/listinfo/gentoo-dev
-- 

Martin Schlemmer
Gentoo Linux Developer, Desktop Team Developer
Cape Town, South Africa


[-- Attachment #1.2: Linux-PAM-0.75-devfsd.patch.bz2 --]
[-- Type: application/x-bzip, Size: 3591 bytes --]

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 232 bytes --]

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2002-02-19 20:08 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-02-19  8:37 [gentoo-dev] pam 0.75-r3 Bruce A. Locke
2002-02-19 20:01 ` Martin Schlemmer

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox