Subject: Re: Sane /etc/pam.d defaults (was: Pam and Current)
To: None <current-users@NetBSD.org>
From: Eric Haszlakiewicz <erh@jodi.nimenees.com>
List: current-users
Date: 06/23/2005 01:20:30
On Wed, Jun 22, 2005 at 10:31:42PM +0200, Bernd Ernesti wrote:
> On Wed, Jun 22, 2005 at 04:10:05PM -0400, Christos Zoulas wrote:
> > On Jun 22, 9:50pm, netbsd@lists.veego.de (Bernd Ernesti) wrote:
> > -- Subject: Sane /etc/pam.d defaults (was: Pam and Current)
> >
> > | Ok, /usr/lib/security needs to exists, but for /etc/pam.d we really need
> > | to add same sane default configuration compiled in if /etc/pam.d doesn't
> > | exists at all or it is empty (maybe also if the requested file is missing).
> > |
> > | We will have more an more reports coming in after 3.0 is out if that isn't
> > | fixed before.
> >
> > Look is supposed to be fixing postinstall to handle it.
>
> No, not in postinstall. This should be be fixed in another way, like compiled
> in default values.
I entirely agree with that, but that idea got rejected for some
reason in an earlier thread about pam. I don't remember what the rationale
for not having a sane default was. Does anyone remember how that argument
went?
eric