Re: *PAM RANT* (Was: Re: Should md5 password settings be preserved across upgrades?)
On Sun, Aug 10, 2003 at 05:27:18PM +1000, LapTop006 wrote:
> I manage around 30 debian systems, all are installed by first installing
> the image that we use for clients, then we have to modify them to talk to
> our LDAP server, unfortunatly because debian won't put in default pam
> files for other packages to include (There have been several rants about
> this on d-d, correct package would be libpam-modules) we have to modify
> EVERY PAM FILE BY HAND (Becuase several packages have strange orderings of
> pam modules that can cause breakage in the situation where you first auth
> against LDAP but fall back to files). This would be a simple change to
> pam-modules and ONE conffile update to all packages that use pam that
> would make these kind of situations MUCH easier to deal with.
It would definitely be much simpler to have defaults, but surely you don't
need to modify them all by _hand_ without that. cfengine should be able to
do this pretty easily.
--
- mdz
Reply to: