Remove pam_console
Summary
Remove pam_console as it is broken and no longer under use.
Owner
- Name: Iker Pedrosa
- Email: ipedrosa@redhat.com
Current status
- Targeted release: Fedora Linux 39
- Last updated: 2023-01-02
- FESCo issue: <will be assigned by the Wrangler>
- Tracker bug: <will be assigned by the Wrangler>
- Release notes tracker: <will be assigned by the Wrangler>
Detailed Description
Currently, the pam_console module is broken because one of the files needed to define the permissions (50-default.perms) is not installed in the distribution. Indeed, there was a System-Wide Change proposal in 2007 to remove pam_console, but it wasn't finished.
Feedback
Benefit to Fedora
The main benefit is that it reduces the maintenance effort of the package, without reducing the functionality as this should be managed by the HAL ACL. The pam_console module is not included in the Linux-PAM, and it has to be maintained in a side-project. On top of that, the module is only used in Fedora and some of its derivatives.
Scope
- Proposal owners:
- Provide PRs to remove pam_console from the PAM stack of the identified software packages (see Dependencies).
- Remove pam_console from pam-redhat project and rebuild Fedora package.
- Other developers:
- Identified software package maintainers should review and merge the pam_console removal PRs.
- Release engineering: #Releng issue number
- Policies and guidelines: N/A
- Trademark approval: N/A
- Alignment with Objectives: N/A
Upgrade/compatibility impact
No impact is expected.
How To Test
No special hardware or configuration is required to test this change. Once the change is in place, check that the pam_console isn't installed in your system (default location: /lib64/security/pam_console.so) and do a user authentication (i.e. graphical interface, su, ssh, and whatever else comes to your mind).
User Experience
Dependencies
Contingency Plan
- Contingency mechanism: (What to do? Who will do it?) N/A (not a System Wide Change)
- Contingency deadline: N/A (not a System Wide Change)
- Blocks release? N/A (not a System Wide Change), Yes/No
Documentation
N/A (not a System Wide Change)