[devuan-dev] bug#805: openrc: supervise-daemon: missing PAM configuration

Autor: meow
Fecha:
A: Mark Hindley
Cc: 805
Asunto: [devuan-dev] bug#805: openrc: supervise-daemon: missing PAM configuration

i reply to:

"
Hi,

On Sat, Nov 25, 2023 at 06:48:42AM +0000, meow wrote:

Yes, you’re right, it should be included in the configuration file.
/etc/pam.d/supervise-daemon:
#%PAM-1.0
auth required pam_permit.so
account required pam_permit.so
password required pam_deny.so
session optional pam_limits.so
@include common-account
@include common-session-nointeractive
use 'common-*' incorrectly. we only need common-account and
common-session-nointetactive.

This is different to what I suggested.

I think

auth required pam_permit.so
account required pam_permit.so

Should be *replaced* by

@include common-auth
@include common-account

And

session optional pam_limits.so

should be after

@include common-session-nointetactive

That makes the whole config

#%PAM-1.0
password required pam_deny.so
@include common-account
@include common-account
@include common-session-nointeractive
session optional pam_limits.so

Is that better?

If you have improvements, please provide the reasoning as well.

Thanks

Mark "

On November 29, 2023 5:39:27 PM UTC, Mark Hindley <mark@???> wrote:
>On Wed, Nov 29, 2023 at 12:07:57AM +0000, meow wrote: >> No, there are nuances. for example, the PAM access module. >> if you turn it on, supervise-daemon stops working correctly.

>
>Please don't top post.
>
>I don't understand what you are answering here.
>
>Sorry.
>
>Mark
>

Este mensaje es parte del siguiente hilo:
	El árbol completo de hilos, ordenados por fecha
	Mark Hindley, mensaje del
	meow, mensaje del

Donate to Dyne.org