Date: Thu, 6 Dec 2001 16:37:10 -0800 (PST) From: Dag-Erling Smorgrav <des@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/contrib/libpam/libpam pam_handlers.c Message-ID: <200112070037.fB70bBr14367@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
des 2001/12/06 16:37:10 PST Modified files: contrib/libpam/libpam pam_handlers.c Log: Although the previous went some way towards fixing the pam.conf / pam.d problem, it still didn't DTRT for services that did not have a service- specific policy if /etc/pam.d existed but did not contain an "other" policy. This fixes the problems some people have experienced with sudo. And I almost didn't have to use goto. The current configuration sequence is: 1) Look for /etc/pam.d/foo 2) If PAM_READ_BOTH_CONFS is defined, or step 1) failed, look for foo in /etc/pam.conf 3) Look for /etc/pam.d/other (to fill in the gaps) 4) If PAM_READ_BOTH_CONFS is defined, or step 3) failed, look for other in /etc/pam.conf I believe this is the intended behaviour of the original code. The least surprising behaviour seems to be when PAM_READ_BOTH_CONFS is not defined - /etc/pam.d/foo will be preferred over /etc/pam.conf, but the latter will serve as a backup if the former does not exist. Sponsored by: DARPA, NAI Labs Revision Changes Path 1.4 +109 -116 src/contrib/libpam/libpam/pam_handlers.c To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200112070037.fB70bBr14367>