John Moser <john.r.mo...@gmail.com> writes: > Honestly the right option is probably to patch pam_krb5 to allow > overriding in krb5.conf (possibly by an option, possibly by default).
PAM options intentionally override krb5.conf settings because you need to be able to override some options for specific programs. Reversing that will break way, way more than this. krb5.conf snippets, and then moving this setting into a snippet on new installations, is the right long-term solution to this problem, I think. Heimdal now supports including a directory of conf files. The remaining work is in krb5-config, and I think there's some discussion in the Debian bug. Separately, I do think that the pam-update-config configuration files really should be conffiles in their own right. I'm not sure why they were made system files installed in /usr/share originally. They seem very config-y to me, and that would be another relatively clean solution. -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/> -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/369575 Title: Why is /usr/share/pam-configs/krb5 specifying minimum_uid= ? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kerberos-configs/+bug/369575/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
