not clear how to configure with pam-auth-update
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libpam-ccreds (Debian) |
Fix Released
|
Unknown
|
|||
libpam-ccreds (Ubuntu) |
Fix Released
|
Wishlist
|
Steve Langasek |
Bug Description
Binary package hint: libpam-ccreds
Hello,
It is not clear how to configure the pam config files in intrepid to support libpam-ccreds without risking pam-auth-update overwriting the common-auth file.
The example supplied with libpam-ccreds suggests to use:
auth [success=done default=ignore] pam_unix.so
auth [authinfo_
auth [default=done] pam_ccreds.so action=validate use_first_pass
auth [default=done] pam_ccreds.so action=store
auth [default=bad] pam_ccreds.so action=update
However this conflicts with the Ubuntu default:
auth [success=2 default=ignore] pam_unix.so nullok_secure
auth [success=1 default=ignore] pam_ldap.so use_first_pass
auth requisite pam_deny.so
auth required pam_permit.so
in that it would require changing the pam_ldap entry. Doing that the pam-auth-update way seems to imply modifying /usr/share/
Improved documentation on the best way to use this with intrepid would be good.
Brian May
Changed in libpam-ccreds (Ubuntu): | |
importance: | Undecided → Wishlist |
Changed in libpam-ccreds (Debian): | |
status: | Unknown → Confirmed |
Changed in libpam-ccreds (Debian): | |
status: | Confirmed → Fix Released |
I am facing the same problem and any guidance would be gratefully received.