I'd like to attract attention to a problem described in bugs #55193,
#63631, #77575, #86606, #103461 and #118239.
If a system is configured to use LDAP for authentification with
authconfig, logins to local accounts (root for example) will always fail
if the LDAP server is unreachable. A possible fix described in bug
118239 has a working pam config for such cases.
Is there any security concern or backward compatibility issue with the
proposed configuration?
Is there something that prevent authconfig from being changed to
generate such a configuration?
This could possibly affect other network authentification mechanism
(kerberos, smb), althought I can't verify it. Also that could possibly
fix bug #6371 as well.