Summary: | [Proposal] Remove non-official pam_modules from PAM ebuild and from default configuration | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Peter Beutner <imago> |
Component: | [OLD] Core system | Assignee: | PAM Gentoo Team (OBSOLETE) <pam-bugs+disabled> |
Status: | RESOLVED REMIND | ||
Severity: | enhancement | CC: | angusyoung, carlo, flameeyes, greg_g, lcars, tacvbo |
Priority: | High | ||
Version: | 2004.3 | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Peter Beutner
2005-01-07 17:42:46 UTC
got things running, take a look to get an idea what i meant http://imago.devinity.de/~pam/ A word of praise for this project, we really need something like this. Thanks Peter! Unfortunately, at the moment we lack someone who has the time and the skill to implement it... glad to hear that i'm not the only one who wants this ;) but its seems at bit tricky to make this change to the portage tree *without* breaking to much systems.So the one-step solution i put together in #1 is maybe not the best idea: - first all packages who place a file in /etc/pam.d/ shouldnt use pam_console by default( which is already work in progress: bug #31877) - same has to be achieved for the pam_stack module-> but before that can be adressed: pam has to be upgraded to 0.78 to use the new include statement instead of pam_stack. - for pam-0.78 see: bug #73082. (its quite a painful work, dealing with all these patches) so there are some steps to be done first. As I've posted to gentoo-dev, for g/fbsd pam_stack must be deprecated asap. Linux-PAM 0.78 is here, so that problem should be ok (why the bug is still open, anyway?). pam_console and other modules could be moved out of pam ebuild i think, as anyway they are use-flagged now, I'm waiting for comments on gentoo-dev and then I'll start hacking at pam ebuild trying to remove the external modules out of it (and clean it up a bit..) About avoiding breaking the tree, the solution I've posted on gentoo-dev (depending on || ( >=sys-libs/linux-pam-0.78 virtual/pam ) ) should make the trick. If you are subscribed to gentoo-dev, join the discussion about it as it's the major blocker at the moment to make g/fbsd work with out-of-the-box packages. Yeah, this is the plan, and moving towards it (why I keyworded the extra crud we could start to punt), but it wont be over night. |