Instead of tweaking a bunch of ebuilds to remove all references to pam_console
from /etc/pam.d/*, then forcing the user to add them manually afterward, why not
promote pam_console to a global use flag and let the ebuilds add the references
themselves if the flag is present?
Steps to Reproduce:
I'd say because the idea is of removing pam_console entirely with new version
Is this an upstream decision, or Gentoo's? Is it going to be replaced with
something equivalent? (Group-based access control doesn't scale to hundreds of
users sharing hundreds of machines. Whoever is sitting at the console should
have control of the devices, not someone logged in remotely.)
Upstream never supported pam_console (it's a RedHat patch).
pam_console will probably have its own ebuild for who wants to tinker with it,
but it's up to them to change their pam.d files.
It's pointless adding pam_console useflag on other packages, as just login and
eventually ?dm should use it.
Also, it screw ups pretty badly when used in the wrong way.
It's a no-go for now.