I'm doing an emerge system and running into questions on the pam upgrade. I'd like to get this right before I reboot, etc., as I think this could cause me to be unable to login if it was done wrong.
Anyway, the upgrade instructions point to this web page: http://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml I think the only important instructions - please correct me if I'm wrong - are included here: <QUOTE> Code Listing 1.2: Replace pam_stack usage with the include directive (The old configuration) auth required pam_stack.so service=system-auth (Replace it with this) auth include system-auth Important: There are four facilities in PAM configuration: auth, account, password and session. You need to update the configuration files for all of them, not just auth. Please note that you might also need to reorder the calls when making this change, as sometimes modules like pam_nologin were listed after pam_stack, even though they now need to be listed before the include directive. <QUOTE> OK, knowing as you all do that I'm a non-admin sort of person these sort of instructions - the 2 paragraphs at the end - scare me. I hate having to guess what anyone means. lightning pam.d # qfile -o /etc/pam.d/* /etc/pam.d/gdmconfig /etc/pam.d/xdm lightning pam.d # OK, so do I need to edit these two files only and not the ones shown in the example on the Wiki page? When I look at doing the edits I'll show both the files unedited first: lightning pam.d # cat /etc/pam.d/gdmconfig #%PAM-1.0 auth sufficient /lib/security/pam_rootok.so auth required /lib/security/pam_stack.so service=system-auth session required /lib/security/pam_permit.so session optional /lib/security/pam_xauth.so account required /lib/security/pam_permit.so lightning pam.d # lightning pam.d # cat /etc/pam.d/xdm #%PAM-1.0 auth required pam_stack.so service=system-auth auth required pam_nologin.so account required pam_stack.so service=system-auth password required pam_stack.so service=system-auth session required pam_stack.so service=system-auth session optional pam_console.so lightning pam.d # So, what needs to be edited and what shouldn't be touched? As a guess, which I'm hoping someone here can bless as I don't understand what this is doing, I'd propose these changes: /etc/pam.d/gdmconfig #%PAM-1.0 auth sufficient /lib/security/pam_rootok.so auth include system-auth session required /lib/security/pam_permit.so session optional /lib/security/pam_xauth.so account required /lib/security/pam_permit.so and possibly... lightning pam.d # cat /etc/pam.d/xdm #%PAM-1.0 auth required pam_nologin.so auth include system-auth account include system-auth password include system-auth session include system-auth #session optional pam_console.so I'm suggesting I comment out the last line as it appears from the description that this is/was never used and requires some other packaged be emerged. Do I need any of that for a normal desktop machine? I hope I've given enough information here. If not please let me know and I'll get what you need ASAP. Thanks, Mark -- [EMAIL PROTECTED] mailing list
