[Bug 369575] Re: Why is /usr/share/pam-configs/krb5 specifying minimum_uid= ?

Russ Allbery rra at debian.org
Wed Mar 31 06:54:15 BST 2010

"Daniel Richard G." <skunk at iskunk.org> writes:

> What about just punting on upgrades altogether, and putting in the
> rearranged config only on a new install? Could that be done with
> appropriate postinst magic?

The tricky part is coordination.  At what point can libpam-krb5 drop the
minimum_uid setting and assume that it's in krb5.conf?

> Alternately, you could pop up a big scary debconf warning... there's
> ample precedent for that.

My concern with this is that I think this only affects a small set of
users of the packages, so I'm reluctant to bother the other ones.  One has
to both have a mix of Kerberos-authenticated and non-Kerberos users,
distinguish by UID, and mind the silent Kerberos authentication failure
when handling the UNIX login.

Russ Allbery (rra at debian.org)               <http://www.eyrie.org/~eagle/>

Why is /usr/share/pam-configs/krb5 specifying minimum_uid= ?
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to kerberos-configs in ubuntu.

More information about the Ubuntu-server-bugs mailing list