The AFS 3.6 Quick Beginnings documentation (aka The Installation Guide...
*smirk*) states to use 'optional' for everything in the Solaris
/etc/pam.conf
Solaris PAM will make sure that one of the modules succeeds if they are
all marked as 'optional', but why is this requirement in place? This
seems very broken to me.
So broken, in fact, that in our testbed cell I changed ours to be:
login auth sufficient /usr/lib/security/pam_afs.so
login auth required /usr/lib/security/pam_unix.so.1
And it works perfectly fine.
What is going on here? Could someone from Transarc (or anyone else)
explain this?
