[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: shadow 1:4.0.3-26.1 replaces pam.d/login pam.d/passwd; what to do?

On Fri, Apr 30, 2004 at 07:21:08PM -0700, William Ballard wrote:
> The newest "shadow" in Sid has modified /etc/pam.d/login and 
> /etc/pam.d/passwd in ways I cannot grok.
> 
> I started with Woody, and answered the security-password related 
> questions (Do you want to....) that made the modifications to the config 
> files.
> 
> It appeared to insert things like common-auth, common-password, &c. in 
> place of whatever it was doing before.  I chose to replace my files with 
> the new versions.  Was that the right call?
> 
> Here are the relevant parts that changed:
> 
> # diff /etc/pam.d/login.dpkg-old /etc/pam.d/login | grep -v '^< #'

I advise using 'diff -u'. Plain diff is only barely legible.

> 31c31
> < auth       required   pam_unix.so nullok
> ---
> > @include common-auth
> 52,53c52,53
> < account    required   pam_unix.so
> < session    required   pam_unix.so
> ---
> > @include common-account
> > @include common-session
> 75,99c75
> <
> <
> < password   required   pam_unix.so nullok obscure min=4 max=8 md5
> <
> ---
> > @include common-password
> 
> # diff /etc/pam.d/passwd.dpkg-old /etc/pam.d/passwd | grep -v '^< #'
> 5,17c5
> ---
> > @include common-password
> 19,28d6
> < password   required   pam_unix.so nullok obscure min=4 max=8 md5
> <

Those all look straightforward to me. Look at /etc/pam.d/common-* if you
want to see what the includes do.

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]
Reply to: