[Cooker] kdebase: weird kscreensaver3 pam file

Tue, 22 Oct 2002 05:13:45 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Is there any reason why the kscreensaver3 pam file is the way it is?

We install our own /etc/pam.d/system-auth file (and, the winbind setup
during install does something similar, copying
/etc/pam.d/system-auth-winbind over /etc/pam.d/system-auth), which works
~ with almost everything, except (as I discovered this morming) the KDE
screen saver.


[bgmilne@bgmilne bgmilne]$ cat /etc/pam.d/kde3
#%PAM-1.0
auth       required     /lib/security/pam_stack.so service=system-auth
auth       required     /lib/security/pam_nologin.so
account    required     /lib/security/pam_stack.so service=system-auth
password   required     /lib/security/pam_stack.so service=system-auth
session    required     /lib/security/pam_stack.so service=system-auth
session    optional     /lib/security/pam_console.so
[bgmilne@bgmilne bgmilne]$ cat /etc/pam.d/kscreensaver3
#%PAM-1.0
auth       sufficient  /lib/security/pam_linux_afs.so ignore_root
#auth       sufficient /lib/security/pam_linux_afs.so no_unlog ignore_root
auth       required    /lib/security/pam_pwdb.so shadow nullok


Is there any reason why a non-existent (on Mandrake) pam module is used?:

[bgmilne@bgmilne bgmilne]$ urpmf /lib/security/pam_linux_afs.so
[bgmilne@bgmilne bgmilne]$


Could the following not just be used?
auth       required     /lib/security/pam_stack.so service=system-auth

That's what xscreensaver does:

[bgmilne@bgmilne bgmilne]$ cat /etc/pam.d/xscreensaver
#%PAM-1.0
auth       required     /lib/security/pam_stack.so service=system-auth
[bgmilne@bgmilne bgmilne]$

(In the end, this means that the biggest issue with winbind on desktops
in a windows domain is the fact that users won't be able to get back
into their machines if they lock their desktop :-( And the same a
applies to LDAP, which is my case).

Buchan

- --
|----------------Registered Linux User #182071-----------------|
Buchan Milne                Mechanical Engineer, Network Manager
Cellphone * Work            +27 82 472 2231 * +27 21 8828820x121
Stellenbosch Automotive Engineering         http://www.cae.co.za
GPG Key                   http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE9tUe4rJK6UGDSBKcRAm7kAJoCwo/wU5Ort8yekjOVDKl69oRx4gCdF2wU
RvjGBd0LTz6bXDXmxNdBb64=
=cABG
-----END PGP SIGNATURE-----

Reply via email to