Hey, * Bálint Réczey <bal...@balintreczey.hu> [201230 23:53]: > Bálint Réczey <bal...@balintreczey.hu> ezt írta (időpont: 2019. nov. > 7., Cs, 20:45): > > Thorsten Glaser <t.gla...@tarent.de> ezt írta (időpont: 2019. nov. 6., > > Sze, 23:08): > > > > > > Hi everyone, > > > > > > when will something happen to not fill syslog with these messages > > > (unless deserved, such as if there is really something to warn about)? > > > > > > It’s not even stated yet whether the suggested change to the config > > > is safe to apply… > > > > I'm waiting for Steve's position on this. I believe the change to > > shadow was OK and all we need is removing the message in PAM. > > Since it is a trivial change I have not prepared a patch but I'm happy > > to if Steve prefers that. > > I asked upstream if they just want to silence the notice, but they > don't want to: > https://github.com/linux-pam/linux-pam/pull/158 > > It leaves us with disabling it using configuration files. IMO the > proposed patch of removing nullok_secure is safe and the desired > solution. > However it is up to the maintainers, Steve, or Sam, to accept the > patch unless someone NMUs it. > I don't plan NMU-ing it myself, but since the general NMU rules apply > any DD can NMU it via DELAYED/10.
Given not much has happened so far, maybe login should remove pam_securetty from its default PAM configuration instead? Thats nothing that needs to be coordinated with the PAM maintainers, AFAICT. Best, Chris
