On Thu, 2009-02-26 at 08:31 +0100, Peter Palfrader wrote: > On Wed, 25 Feb 2009, Roger Leigh wrote: > > > HAL is just querying the group database directly. Any process can of > > course do this. But it's asking a different question, namely: > > what groups is this user a member of in the group database. > > This is of course broken. It breaks granting console users access to > the netdev or powerdev groups through pam_groups, which is really really > annoying when you get your users from say ldap.
But that's broken to start with, since you can't revoke group membership when the user logs out. Ben.
signature.asc
Description: This is a digitally signed message part
