Hi all, As per discussion with re_at_ and the PAM maintainer, des_at_, I'm about to commit a change to pam_nologin(8) that will require changes to pam.d files. Using old pam.d files will result in nologin(5) just ignored, which is of concern only to multi-user system admins, who are an endangered minority in these days of thinking toasters (sigh!) Here's the paragraph for UPDATING: 20070610: The pam_nologin(8) module ceases to provide an authentication function and starts providing an account management function. Consequent changes to /etc/pam.d should be brought in using mergemaster(8). Third-party files in /usr/local/etc/pam.d may need manual editing as follows. Locate this line (or similar): auth required pam_nologin.so no_warn and change it according to this example: account required pam_nologin.so no_warn That is, the first word needs to be changed from "auth" to "account". The new line can be moved to the account section within the file for clarity. Not updating pam.conf(5) files will result in nologin(5) ignored by the respective services. If no objections are raised at the last minute, I'll send a separate heads-up message to the ports folks with details on how this change is going to affect ports. -- YarReceived on Sat Jun 09 2007 - 13:33:24 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:12 UTC