/etc/pam.d/system-auth created by authselect, but authselect not configured
Hello all: I am trying to understand PAM, I have not used it before. When I open /etc/pam.d/system-auth, it has these lines: # This file is auto-generated. # User changes will be destroyed the next time authselect is run. But, when I run: authselect check It tells me: System was not configured with authselect. This seems incongruent. Any insights? Thank you, Neil -- Neil Aggarwal, (972) 834-1565, http://www.propfinancing.com We offer 30 year loans on single family houses!
On Wed, 8 Dec 2021 at 23:43, Neil Aggarwal
Hello all:
I am trying to understand PAM, I have not used it before.
When I open /etc/pam.d/system-auth, it has these lines:
# This file is auto-generated.
# User changes will be destroyed the next time authselect is run.
But, when I run:
authselect check
It tells me:
System was not configured with authselect.
This seems incongruent.
Any insights?
Thank you,
Neil
This is due to an installation race condition and possibly an upstream bug. During the installation of the system, there need to be files in /etc/pam.d/ for various applications to work. However those files need to be there before the authselect command is available to configure the system. So the pam package comes with defaults which have the lines ``` #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authselect is run. ``` My guess is that the packager copied the default working ones and put them in the PAM package. The possible bug is that they should be labelled as such: ``` #%PAM-1.0 # This file was auto-generated previous to installation and will be # controlled by the authselect command # User changes will be destroyed the next time authselect is run. ``` However this may not be a bug because the file WAS auto generated at one point, and user changes to it will be destroyed the next time authselect is run. -- Stephen J Smoogen. Let us be kind to one another, for most of us are fighting a hard battle. -- Ian MacClaren
During the installation of the system, there need to be files in /etc/pam.d/ for various applications to work. However those files need to be there before the authselect command is available to configure the system.
Thank you for the detailed explanation, makes sense why they did it that way. Thank you, Neil -- Neil Aggarwal, (972) 834-1565, http://www.propfinancing.com We offer 30 year loans on single family houses!
participants (2)
-
Neil Aggarwal
-
Stephen John Smoogen