pam_env -- why is it an auth module?
I've been looking at the pam configuration on some of my debian boxes.
I'm trying to set up pam_winbindd, but am going to have some issues with
stacking.
I saw that pam_env is enabled as an auth module, and saw this blurb in
its config file:
# The original idea for this came from Andrew G. Morgan ...
#<quote>
# Mmm. Perhaps you might like to write a pam_env module that reads a
# default environment from a file? I can see that as REALLY
# useful... Note it would be an "auth" module that returns PAM_IGNORE
# for the auth part and sets the environment returning PAM_SUCCESS in
# the setcred function...
#</quote>
My question is -- why does this need to be an "auth" module? It would
seem to make more sense for it to be a "session" module.
Can anyone shed light on the reasoning behind the above comment?
-- Jeff
Reply to: