http://bugzilla.opensuse.org/show_bug.cgi?id=1081947 http://bugzilla.opensuse.org/show_bug.cgi?id=1081947#c8 --- Comment #8 from Josef Möllers <josef.moellers@suse.com> --- (In reply to Franck Bui from comment #7)
(In reply to Josef Möllers from comment #6)
Re comment #3: Why should it be in the stack?
where else would you want to it to be ?
But how should it end up there? AFAIK the only way is to explicitly call pam-config!
The kernel keyring stuff is a general infra provided by the kernel which needs special care during session creation so that all applications can rely on it if needed.
The lengthy discussion in Bug #1045886 shows that it would not be advisable to just automatically add pam_keyinit to pam config files!
what did you make think so ?
The quote from "man pam_keyinit": "This module should not, generally, be invoked by programs like su, since it is usually desirable for the key set to percolate through to the alternate context. The keys have their own permissions system to manage this." An idea in the discussion had been to write some rpmlint-skript which would force the maintaines to include pam_keyinit into their pam config files. But I can only guess howone would do that. -- You are receiving this mail because: You are on the CC list for the bug.