Re: Deprecating pam_stack.so

On Sat, 2005-10-08 at 17:49 -0400, Tom Lane wrote: Such a simple config file is replaced with: #%PAM-1.0 auth include system-auth account include system-auth However things get more complicated if in the existing config there are modules AFTER the pam_stack in the auth, account or password phases. Basically they cannot be there if include is used because in the included file there may be "sufficient" entries. So the new config files must be rearranged so these modules are moved up before the include. But sometimes (for example with pam_nologin) it is not possible because it would change semantics a little bit so it's better to move the pam_nologin to account phase. I'm also introducing a new common config file (config-util) which should be used for all system-config-... utilities which use userhelper. So all these utilities should have the same config: #%PAM-1.0 auth include config-util account include config-util session include config-util -- Tomas Mraz <tmraz(a)redhat.com&gt;