You are not logged in.
- Topics: Active | Unanswered
#1 2023-09-22 21:28:02
- MS1
- Member
- Registered: 2018-02-02
- Posts: 95
Some advice for new filesystem passwd.pacnew
When I use pacdiff I found some new lines in /etc/pam.d/system-auth.pacnew and need some advice about merging them.
Current file is just 2 lines:
#%PAM-1.0
password required pam_unix.so sha512 shadow nullok rounds=65536The pacnew is:
#%PAM-1.0
auth include system-auth
account include system-auth
password include system-authShould I add the 3 new lines under the existing line?
Offline
#2 2023-09-22 21:44:46
- Scimmia
- Fellow
- Registered: 2012-09-01
- Posts: 13,727
Re: Some advice for new filesystem passwd.pacnew
What distro is this? There's no way you got that system-auth.pacnew on Arch.
Offline
#3 2023-09-22 21:47:19
- loqs
- Member
- Registered: 2014-03-06
- Posts: 18,930
Re: Some advice for new filesystem passwd.pacnew
The change you made locally to /etc/pam.d/passwd was to add rounds=65536 for sha512?
If you want to make any changes to the rounds count for yescrypt it is covered in [1]
What were the changes you made locally to /etc/pam.d/systemd-auth?
Edit:
@Scimmia https://gitlab.archlinux.org/archlinux/ … 5576d8571f
[1] https://archlinux.org/news/changes-to-d … -settings/
Last edited by loqs (2023-09-22 21:50:02)
Offline
#4 2023-09-22 21:48:21
- seth
- Member
- From: Won't reply 2 private help req
- Registered: 2012-09-03
- Posts: 76,104
Re: Some advice for new filesystem passwd.pacnew
Whatever that is, system-auth looks like https://gitlab.archlinux.org/archlinux/ … type=heads and /etc/pam.d/system-auth should under no circumstance (just) recursively include itself.
Do not flail around there and make sure to keep a root shell open while messing with pam unless you want to fix the system offline (from a live distro)!
pacman -Qikk pambase
cat /etc/pam.d/system-authEdit: 
Last edited by seth (2023-09-22 21:49:28)
Offline
#5 2023-09-22 21:52:39
- Scimmia
- Fellow
- Registered: 2012-09-01
- Posts: 13,727
Re: Some advice for new filesystem passwd.pacnew
Edit:
@Scimmia https://gitlab.archlinux.org/archlinux/ … 5576d8571f
Right, but there is no circumstances that it could have the pacnew file they posted.
Offline
#6 2023-09-22 22:00:34
- loqs
- Member
- Registered: 2014-03-06
- Posts: 18,930
Re: Some advice for new filesystem passwd.pacnew
If the only change you made to /etc/pam.d/systemd-auth was to add the rounds=65536 as you did in /etc/pam.d/passwd then replace /etc/pam.d/passwd with itc .pacnew and do likewise for /etc/pam.d/system-auth unless you want to make changes to the rounds count for yescrypt which is covered in my previous link.
Right, but there is no circumstances that it could have the pacnew file they posted.
I am guessing the file contents MS1 posted actually refer to /etc/pam.d/passwd{,.pacnew} as in the thread title not /etc/pam.d/system-auth{,pacnew} as stated in the body of the first post.
Last edited by loqs (2023-09-22 22:00:56)
Offline