Em 18-01-2014 15:09, Pierre Labastie escreveu:

> So, I think we'd have to change the instructions on the Linux-Pam page.
> 
> It has:
> 
> rm -rfv /etc/pam.d
> 
> That is OK when shadow and/or sudo do not have PAM support. But when they
> have, that instruction locks you out of your own system!
> You cannot su, sudo, &c anymore. And if you log out, you cannot log in anymore
> either...
> 
> If we want to support updating, the instructions should be:
> ! [ -d /etc/pam.d ] && install -v -m755 -d /etc/pam.d

Just install -v -m755 -d /etc/pam.d will do.

I agree with the rest and really would like to have them in the book.
Have not run them, though. My scripts many times do these tests, but I
save with

mv -vi file(or dir){,.`date +%Y.%m.%d-%Hh%Mm%Ss`}

I want the v info in the log, and am doubly safe with both i and the
date/time stamp, if by any chance make any mistake typing or copying
pasting. Problem is how to revert automatically. Would need to define a
variable, I think. If the package fails at some install point, I will
have all versions and can manually restore later. Have these kind of
things in some scripts.

> ! [ -r /etc/pam.d/other ] || mv /etc/pam.d/other{,.save} &&
> cat > /etc/pam.d/other << "EOF"
> auth     required       pam_deny.so
> account  required       pam_deny.so
> password required       pam_deny.so
> session  required       pam_deny.so
> EOF
> 
> make check
> 
> [ - r /etc/pam.d/other.save ] &&
> mv /etc/pam.d/other{.save,} ||
> rm -rfv /etc/pam.d/other
> 
> With some adequate words in "command explanations" or in the text (even a
> warning about the risk of being unable to log in again)
> 
> Any thoughts
> 


-- 
[]s,
Fernando
-- 
http://linuxfromscratch.org/mailman/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Reply via email to