"Daniel Richard G." <email address hidden> writes:
> No no, the goal is not to have Kerberos users with uid < 1000. It's to
> push minimum_uid higher, so that you can have normal 1000-something-uid
> local users authenticate without any Kerberos interaction. Same argument
> as for the root user and ignore_root.
Oh, sorry. I forgot the context. I even re-read the bug and missed
that. Apologies.
> As for doing the upgrade, isn't pam-configs/krb5 a conffile? The user
> would see what's going on.
No, it's not a conffile. The generated /etc/pam.d files are configuration
files, but if the user is using the defaults, I believe changes to the
defaults are just automatically applied (although Steve would know better
than I). And krb5.conf normally isn't updated once written and I don't
think it could be updated with this particular type of change.
"Daniel Richard G." <email address hidden> writes:
> No no, the goal is not to have Kerberos users with uid < 1000. It's to
> push minimum_uid higher, so that you can have normal 1000-something-uid
> local users authenticate without any Kerberos interaction. Same argument
> as for the root user and ignore_root.
Oh, sorry. I forgot the context. I even re-read the bug and missed
that. Apologies.
> As for doing the upgrade, isn't pam-configs/krb5 a conffile? The user
> would see what's going on.
No, it's not a conffile. The generated /etc/pam.d files are configuration
files, but if the user is using the defaults, I believe changes to the
defaults are just automatically applied (although Steve would know better
than I). And krb5.conf normally isn't updated once written and I don't
think it could be updated with this particular type of change.
-- www.eyrie. org/~eagle/>
Russ Allbery (<email address hidden>) <http://