[Bug 369575] Re: Why is /usr/share/pam-configs/krb5 specifying minimum_uid= ?

[Russ Allbery]

"Daniel Richard G." <skunk at iskunk.org> writes:

> Yeah, where pam-auth-update asks you "Override local changes to
> /etc/pam.d/common-*?" I see the man page says something about preserving
> module options, but if I add an option to (say) common-auth, and re-run
> p-a-u, the option is silently blown away.

Er, how is it silent when pam-auth-update asks you a question?

I hesitate to tell you how to do system administration for your site, but
at Stanford we just figure out what common-* PAM configuration files we
want for all of our systems and then install them everywhere using the
same configuration management system we use for krb5.conf.  That seems to
me like the best way to do things at scale.  The target audience of the
automated configuration is, in my view, more the individual user
installing Debian or Ubuntu on a single system, or the system
administrator who wants to use the automated configuration tool to create
something to start from and then customize for the site.

We can certainly try to make it work more smoothly for you, but it does
feel like you're creating extra work for yourself in a few places.

-- 
Russ Allbery (rra at debian.org)               <http://www.eyrie.org/~eagle/>

-- 
Why is /usr/share/pam-configs/krb5 specifying minimum_uid= ?
https://bugs.launchpad.net/bugs/369575
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to kerberos-configs in ubuntu.