From owner-freebsd-security Sat Jan 12 6:10: 7 2002 Delivered-To: freebsd-security@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id E604337B400; Sat, 12 Jan 2002 06:09:58 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id B966B14C57; Sat, 12 Jan 2002 15:09:57 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: current@freebsd.org Subject: HEADS UP: -CURRENT switched from pam.conf to pam.d From: Dag-Erling Smorgrav Date: 12 Jan 2002 15:09:56 +0100 Message-ID: Lines: 21 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org The preferred configuration method for PAM is now /etc/pam.d/ rather than /etc/pam.conf. If you have an unmodified pam.conf, just delete it after your next mergemaster run. If you have local modifications, you can use /usr/src/etc/pam.d/convert.pl to incorporate them into your /etc/pam.d: # cd /etc/pam.d # perl -w /usr/src/etc/pam.d/convert.pl /etc/pam.conf The script will create new files for non-standard services you've added to pam.conf, and update existing files while taking care to preserve the version string so as to avoid tripping up mergemaster. If you do neither of these things, then after your next mergemaster run PAM will start using the policies in /etc/pam.d instead of /etc/pam.conf, falling back to the latter only when no appropriate policy was found in the former. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message