Re: emerge pam-login-3.14

frank goossens writes:
> hello list;
> while running etc-update after emerging pam-login-3.14, i noticed that the 
> line:
> 
> account required /lib/security/pam_access.so
> 
> is to be removed from /etc/pam.d/login. as i am using a non-default 
> /etc/security/access.conf, this would remove a number of restrictions from 
> my system.

At least on my instalation, it seems that the /etc/pam.d/system-auth
file takes care of all system authentication, and the other pam files
only include it through pam_stack.so. Therefore, at least for most
purposes, the only place you would need to enable pam_access would
be in /etc/pam.d/system-auth.

So my guess is that since /etc/pam.d/login includes
/etc/pam.d/system-auth via pam_stack, it is unnecessary to enable
pam_access.conf explicitly there, so it might have been removed
for consistency, but without altering behavior.

Bruno T. C. de Oliveira
GNU/Linux network, Univerdade de São Paulo - Brazil
btco <at> linux.ime.usp.br

--
gentoo-security <at> gentoo.org mailing list