>>>>> "Yves-Alexis" == Yves-Alexis Perez <cor...@debian.org> writes:
Yves-Alexis> Can you tell us what exactly is broken by this? As far as Yves-Alexis> I know this pam file is only for the greeter, not for Yves-Alexis> session run from them (they're handled by Yves-Alexis> /etc/pam.d/lightdm which correctly includes the common Yves-Alexis> debian files. People who authenticate only via ldap --- for whom pam_unix.so doesn't work --- cannot log in, because username and password are not know to pam_unix.so only to either pam_ldap.so or pam_sssd.so. I imagine other authentication mechanisms will also fail. What's more if there's any other policy set in common-account or common-session, it's not obeyed (e.g., time-of-use or group membership restrictions) -- Dr Peter Chubb peter.chubb AT nicta.com.au http://www.ssrg.nicta.com.au Software Systems Research Group/NICTA -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org