Comment 39 for bug 369575
Revision history for this message
| Russ Allbery (rra-debian) wrote Re: [Bug 369575] Re: Why is /usr/share/pam-configs/krb5 specifying minimum_uid= ? | #39 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
John Moser <email address hidden> writes:
> Honestly the right option is probably to patch pam_krb5 to allow
> overriding in krb5.conf (possibly by an option, possibly by default).
PAM options intentionally override krb5.conf settings because you need to
be able to override some options for specific programs. Reversing that
will break way, way more than this.
krb5.conf snippets, and then moving this setting into a snippet on new
installations, is the right long-term solution to this problem, I think.
Heimdal now supports including a directory of conf files. The remaining
work is in krb5-config, and I think there's some discussion in the Debian
bug.
Separately, I do think that the pam-update-config configuration files
really should be conffiles in their own right. I'm not sure why they were
made system files installed in /usr/share originally. They seem very
config-y to me, and that would be another relatively clean solution.
--
Russ Allbery (<email address hidden>) <http://