Package: libpam-krb5 Version: 1.2.0-2 Severity: wishlist User request for an option to ignore .k5login when authenticating the user. It wouldn't be the default; it would be something that would have to be added to the PAM configuration line on systems where this is safe. The use case is a user who uses AFS for all home directories and doesn't want to allow even list access to the top levels of home directories, so libpam-krb5 cannot check the .k5login file.
An MIT build actually works for reasons that may or may not be good, since MIT kuserok falls back on krb5_aname_to_localname validation if access F_OK fails for any reason, including EACCES. It fails with a Heimdal build, however, since Heimdal allows only ENOENT failures in its kuserok. -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.12-1-686 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C) Versions of packages libpam-krb5 depends on: ii krb5-config 1.8 Configuration files for Kerberos V ii libc6 2.3.5-13 GNU C Library: Shared libraries an ii libcomerr2 1.38+1.39-WIP-2005.12.31-1 common error description library ii libkrb53 1.4.3-7 MIT Kerberos runtime libraries ii libpam0g 0.79-3.1 Pluggable Authentication Modules l libpam-krb5 recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
