Thought about the upgrade process a bit. How about this: 1. kerberos-configs starts generating new krb5.conf files with minimum_uid=1000. Then a little later...
2. libpam-krb5 has minimum_uid removed from pam-configs/krb5. On upgrade, it checks to see if this is in krb5.conf. If yes, great. If no, then copy pam-configs/krb5 to e.g. krb5_old, have pam-auth-update use that instead of the new krb5 profile, and show a warning to the user. The user can dismiss the warning, and nothing changes for him/her. krb5_old sticks around as a conffile (removed if package is purged, but otherwise remains untouched by future upgrades), and the regular krb5 profile doesn't have to be hobbled by backward-compatibility measures. -- Why is /usr/share/pam-configs/krb5 specifying minimum_uid= ? https://bugs.launchpad.net/bugs/369575 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
