Mailinglist Archive: opensuse-factory (807 mails)

< Previous Next >
Re: [opensuse-factory] add pam_faillock for factory, 42.2, SLES 12 SP2
Hi - reviving this thread with the following PR - finally got around
to tackling the confusing automake error the build was giving me last
year in regards to docbook and manpages. Please work with me in
getting this in shipable - not that I'm the module author. It's
strictly for the betterment of [open]SUSE with a technically
(+objectively) better module. Hopefully it lays the ground work for
other distros to follow suite (arch, gentoo, debian, ubuntu and
others). The current outlook is although this module is not accepted
in PAM upstream due to quibbles centering around software engineering
principles and code reuse, it's not going away until the end of time
and has been audited by many parties as an acceptable and required
module for securing computers. If you're going to repeat the reasons
why PAM upstream didn't incorporate it, I ask that you realize this is
not the place to make that same decision - and that problem may be
solved upstream "someday". Here it is our duty to provide real,
working, solutions - and if that is a permanent stop-gap measure, we
must deal with it.

https://build.opensuse.org/request/show/454027

FYI original patch here:
http://people.redhat.com/tmraz/pam_faillock/pam-1.2.1-faillock-with-manual.patch
- I updated it to work against 1.3.0 - just some automake context
difference patch couldn't compensate for at time of writing.

This should also greatly improve compatibility with state of the art
SCAP/automated STIG implementation for which pam_tally2 has far less
(if any) support - and that is important to [open]SUSE users in the
DOD/government space.

-Jason
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages