On 02/14/2013 10:16 AM, Ragnar Thomsen wrote: > I want to discuss the PAM files for kde-workspace. Armin, is there a > reason that you created the files different from the file for login? > > For example, you use the pam_env.so module in auth instead of session. > The man page doesn't reveal what the difference is in running this > module in auth versus session.
First of all, it was mostly a copy of GDM configuration file. It doesn't matter whether it's session or not - env vars are set either way. > You use pam_succeed_if.so and not pam_access.so, pam_limits.so and > pam_faildelay.so. > pam_suceed_if is used to prevent root login via kdm. I don't know what pam_access does ... As for pam_limits, I think it should go there ... I didn't pay enough attention to that. > Shouldn't the same modules be used when logging into kdm as when > logging in with login? > No. pam_motd and pam_mail are useless for display manager but useful when loging in via tty. > Of course for kde-np (passwordless login) the pam_permit.so module > must be used instead of system-auth. > It's used. # Begin /etc/pam.d/kde-np auth requisite pam_nologin.so auth required pam_env.so auth required pam_succeed_if.so uid >= 1000 quiet auth required pam_permit.so # HERE IS IT account include system-account password include system-password session include system-session # End /etc/pam.d/kde-np > - Ragnar - > -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
