I installed nss_ldap libraries so that the system could authenticate against a OpenLDAP server. Installing nss_ldap modified the system_auth file in pam.d folder (as it should). Specifically it added following lines: auth sufficient pam_ldap.so use_first_pass account sufficient pam_ldap.so password sufficient pam_ldap.so use_authtok session required pam_ldap.so However when I uninstalled nss_ldap, it did not remove those lines from system-auth file. After reboot, when I attempted to log-in (as any system user, including root) I got the following error: "Module is unknown" I had to boot from gentoo CD, and update the config files manually to get it all back to normal. Reproducible: Always Steps to Reproduce: 1. Install nss_ldap 2. Uninstall nss_ldap 3. Attempt to login Actual Results: No user (including root) was able to login. All attempts to login ended in error "Module is unkown" Expected Results: On uninstall of nss_ldap, the system-auth file and any other file modified by nss_ldap in /etc/pam.d should be updated. The uninstall should remove all references to pam_ldap.so Gentoo Base System version 1.6.13 Portage 2.0.51.22-r2 (default-linux/x86/2005.1, gcc-3.3.5-20050130, glibc-2.3.5-r2, 2.6.11-hardened-r15dana-0.1 i686) ================================================================= System uname: 2.6.11-hardened-r15dana-0.1 i686 Intel(R) Xeon(TM) CPU 3.20GHz dev-lang/python: 2.3.5 sys-apps/sandbox: 1.2.11 sys-devel/autoconf: 2.13, 2.59-r6 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6 sys-devel/binutils: 2.15.92.0.2-r10 sys-devel/libtool: 1.5.18-r1 virtual/os-headers: 2.6.11-r2 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-O3 -march=i686 -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-O3 -march=i686 -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig distlocks sandbox sfperms strict" GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/Linux/distributions/gentoo" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="x86 alsa apm arts avi berkdb bitmap-fonts boundschecking chroot crypt cups curl eds emboss encode expat foomaticdb fortran gdbm gif gpm gstreamer gtk gtk2 hardened imlib java jpeg ldap libg++ libwww mad mailwrapper mcal md5sum mikmod motif mp3 mpeg ncurses nls offensive ogg oggvorbis opengl oss pam pcre pdflib perl pic png python qt quicktime readline sdl sftplogging spell ssl symlink tcpd tiff truetype truetype-fonts type1-fonts vorbis xml2 xmms xv zlib userland_GNU kernel_linux elibc_glibc" Unset: ASFLAGS, CTARGET, LANG, LC_ALL, LDFLAGS, LINGUAS
Portage does not touch any files under CONFIG_PROTECT when uninstalling packages.