On Sat, Oct 05, 2024 at 08:33:11AM +0100, Justin B Rye wrote: > Chris Hofstaedtler wrote: > >> I've left the library packages alone, since a library's function is > >> usually obvious from the things that depend on it... but in fact you > >> might want the descriptions to comment on the way wtmpdb has a > >> Recommends: libpam-wtmpdb instead of a Depends. It's not obvious why > >> anyone would ever want to install wtmpdb without libpam-wtmpdb (as > >> opposed to just configuring the PAM module "off"), > > > > libpam-wtmpdb is just dead code if its "off". Neither package needs > > the other for working, so I don't think there should be a Depends: > > relation. If the argument was made in favor of the Depends:, then it > > should be in both directions, and then its a policy violation. > > If there's no conceivable reason to have wtmpdb without libpam-wtmpdb,
That is not what I said. Obviously you can record logins without ever looking at them on the same system, or using wtmpdb to look at files created on other systems. Historically, this functionality always was split into multiple completely unrelated packages. > The other thing I nearly reported as a bug (if I could see a way > towards fixing it) is that the things wtmpdb and its ancestors report > as logins aren't logins. I don't need to have logged in (giving my > password to login or a graphical greeter) for each one, and they > needn't be what the shell classifies as "login shells". It's just > recording (pseudo-)terminal sessions - and it was the fact that such > sessions were logged by wtmp (or something equivalent) that originally > led to people talking about "logging in". In the past, what was recorded was dependent on the program recording it. This was often too much and too little at the same time. The libpam-wtmpdb config is supposed to only run for "interactive sessions". If that is better or not is probably site specific and dependent on implementation details of programs using PAM. > But does that mean that a system without libpam-wtmpdb doesn't > have any logins? I don't understand this question. > If you look closely at it, the word's hopelessly ambiguous, but the > fix is probably "don't do that, then". I guess it's not particularly well defined and different users have a different intuitive understanding of it. But it's not really in scope for wtmpdb to define this word. Chris
