[Pkg-xfce-devel] Bug#734817: Bug#734817: Bug#734671: enable pam_keyinit by default

[Yves-Alexis Perez]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On Mon, Jan 13, 2014 at 07:16:33PM -0800, Steve Langasek wrote:
> On Fri, Jan 10, 2014 at 08:10:27AM +0100, Yves-Alexis Perez wrote:
> > > Unfortunately, there's no central way to configure PAM modules only for use
> > > in login sessions.  As with pam_selinux and pam_loginuid, the only way to do
> > > this is for each service to include the module directly in their own PAM
> > > config.
> 
> > > Cloning this bug and reassigning it to the usual suspects.
> 
> > As said on IRC, it'd had been nice to actually receive that in my mail,
> > instead of just the clone/reassign from owner at b.d.o but eh.
> 
> > Notwithstanding the local fixes in the various packages, wouldn't it
> > be possible to have a common file to be included for those “pure login”,
> > the way we have common-*?
> 
> > I'm not really knowledgeable about the whole PAM configuration in
> > Debian, but if multiple modules are in the same situation, it might make
> > sense. What do you think?
> 
> In effect, this is bug #677288.  It's certainly possible, but this isn't
> something I expect to have time to work on any time soon.

Keep us updated then, because I guess updating things in each and every
login-related pam config fille will not be really sustainable in the
long term.

Regards,
- -- 
Yves-Alexis Perez
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQEcBAEBCgAGBQJS1W0FAAoJEG3bU/KmdcClSeEH/RKAIKS+n0r5kx26+eMG5Kg5
GYx4MpXwM4/DHrkTTRqS2M4VlNfk6Z4QApJibDstjRtYgWEAm+u1XfrVe1aiYssG
6xiGeZPyye3WmQfQ6OLoh19IWn8+54O0RY2SD92g61XfQXd8o8DmQE0QIIevUQ5/
ThEjW3nmSdInxekdpHsbOPs2307dn0GSVmREffCmTzsbheXFzXgsp1h6yhZRSYj1
XnZdl9ofshbEfi1C89wvfVNUF95hHkPXqG++ertyWDOWeuu7rOfaynQ/cN5JGDuZ
XiArtSGe6VWHUXLDJ0uVMTGwDMh4HJZczgNSxGpIR/LR/ZAcURPznb+ly/fvy3k=
=dG56
-----END PGP SIGNATURE-----