[Petter Reinholdtsen] > diff -urN pam-1.1.0/debian/pam-configs/group > pam-1.1.0-pere/debian/pam-configs/group > --- pam-1.1.0/debian/pam-configs/group 1970-01-01 01:00:00.000000000 > +0100 > +++ pam-1.1.0-pere/debian/pam-configs/group 2010-01-28 20:51:57.000000000 > +0100 > @@ -0,0 +1,6 @@ > +Name: Group membership granted at login > +Default: yes > +Priority: 257 > +Auth-Type: Primary > +Auth: > + optional pam_group.so
I just tested this patch with libpam-heimdal with priority 704, and to make sure pam_group is inserted before this one, the priority should be changed to a higher number. I propose 800, and here is the patch to implement it: diff -urN pam-1.1.0/debian/pam-configs/group pam-1.1.0-pere/debian/pam-configs/group --- pam-1.1.0/debian/pam-configs/group 1970-01-01 01:00:00.000000000 +0100 +++ pam-1.1.0-pere/debian/pam-configs/group 2010-01-28 20:51:57.000000000 +0100 @@ -0,0 +1,6 @@ +Name: Group membership granted at login +Default: yes +Priority: 800 +Auth-Type: Primary +Auth: + optional pam_group.so The libpam-ldapd priority is 128 while the libpam-heimdal one is 704. Any idea why they are so different? the ldap module is inserted after pam_unix, while the heimdal one is inserted before it. Not sure if it make sense to insert them at different places in the sequence. Happy hacking, -- Petter Reinholdtsen -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
