Hi,
after cleaning up the ticket system and fixes the minor documentation
issues, we still have some open tickets:
#9 [PATCH] Allow pam_lastlog to write to utmp as an option
=> I suggest to reject that. That's more academic and not needed.
#20 compilation warnings
=> I suggest to ignore the last warnings
#24 [PATCH] pam_env: Expand @{HOME} and @{SHELL}
=> Any opinion about this? If you all think we should do it, I would look
at the patch.
#26 Use more fail safe method of indicating success from unix_chkpwd
=> Tomas, will you look at this?
#28 Allow module to put the tty to echo off mode via conversation function
=> Any volunteer for this one?
#29 pam_env documentation update
=> the patch in this form is unuseable, I think most docu is
harder to understand then currently. But some changes could
be usefull.
#30 Support for skipping to labels instead of numbers of rules.
=> I would suggest to reject this. Or any volunteer to implement this?
But I think this would not make the whole stuff better.
#34 support alternative "vendor configuration" files as fallback to /etc
=> This are two bugs in one
1. I disagree that modules should ignore that they are used but not
configured. This will only be confusing and a source for errors.
2. I don't like this /usr/lib/pam.d/ concept.
#37 Wrong SELinux AV used in pam_rootok?
=> Tomas, do you know more about this?
#39 [PATCH] doc: pam_access docs are incomplete/misleading
=> the patch looks Ok for me.
#40 expose_auth doesnt work with pam_exec when user does not exist
=> I don't understand why this should not work by looking at the code.
Looks more like a stacking issue, need to dig deeper into this.
Your comments?
Thorsten
--
Thorsten Kukuk, Senior Architect SLES & Common Code Base
SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany
GF: Felix Imendörffer, Jane Smithard, Jennifer Guild, Dilip Upmanyu, Graham Norton, HRB
21284 (AG Nürnberg)