Re: PAM RANT (Was: Re: Should md5 password settings be preserved across upgrades?)

To: debian-devel@lists.debian.org
Subject: Re: *PAM RANT* (Was: Re: Should md5 password settings be preserved across upgrades?)
From: Matt Zimmerman <mdz@debian.org>
Date: Sun, 10 Aug 2003 12:35:20 -0400
Message-id: <[🔎] 20030810163520.GX23819@alcor.net>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 20030810072718.GA19616@Sparc006.chriskaine.com.au>
References: <[🔎] E19lWKf-0002ax-84@torres.ka0.zugschlus.de> <[🔎] 20030809162944.GX27489@alcor.net> <[🔎] E19lWtX-0002fP-Rm@torres.ka0.zugschlus.de> <[🔎] 20030809170801.GZ27489@alcor.net> <[🔎] 20030809174343.GB14835@gashuffer> <[🔎] 20030809180112.GA27489@alcor.net> <[🔎] 20030810072718.GA19616@Sparc006.chriskaine.com.au>

On Sun, Aug 10, 2003 at 05:27:18PM +1000, LapTop006 wrote:

> I manage around 30 debian systems, all are installed by first installing
> the image that we use for clients, then we have to modify them to talk to
> our LDAP server, unfortunatly because debian won't put in default pam
> files for other packages to include (There have been several rants about
> this on d-d, correct package would be libpam-modules) we have to modify
> EVERY PAM FILE BY HAND (Becuase several packages have strange orderings of
> pam modules that can cause breakage in the situation where you first auth
> against LDAP but fall back to files). This would be a simple change to
> pam-modules and ONE conffile update to all packages that use pam that
> would make these kind of situations MUCH easier to deal with.

It would definitely be much simpler to have defaults, but surely you don't
need to modify them all by _hand_ without that.  cfengine should be able to
do this pretty easily.

-- 
 - mdz

Reply to:

References:
- Should md5 password settings be preserved across upgrades?
  - From: Marc Haber <mh+debian-devel@zugschlus.de>
- Re: Should md5 password settings be preserved across upgrades?
  - From: Matt Zimmerman <mdz@debian.org>
- Re: Should md5 password settings be preserved across upgrades?
  - From: Marc Haber <mh+debian-devel@zugschlus.de>
- Re: Should md5 password settings be preserved across upgrades?
  - From: Matt Zimmerman <mdz@debian.org>
- Re: Should md5 password settings be preserved across upgrades?
  - From: Stephen Gran <sgran@debian.org>
- Re: Should md5 password settings be preserved across upgrades?
  - From: Matt Zimmerman <mdz@debian.org>
- *PAM RANT* (Was: Re: Should md5 password settings be preserved across upgrades?)
  - From: LapTop006 <laptop006@chriskaine.com.au>

Prev by Date: Re: better make a standard for /etc/*/*_not_to_be_run
Next by Date: [ANNOUNCE] first public, highly experimental verison of xml-core
Previous by thread: Re: *PAM RANT* (Was: Re: Should md5 password settings be preserved across upgrades?)
Next by thread: Re: Should md5 password settings be preserved across upgrades?
Index(es):
- Date
- Thread

Re: *PAM RANT* (Was: Re: Should md5 password settings be preserved across upgrades?)

Re: PAM RANT (Was: Re: Should md5 password settings be preserved across upgrades?)