[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#63198: cups-service-type uses PAM-enabled 'cups' by default which pr
|
From: |
Maxim Cournoyer |
|
Subject: |
bug#63198: cups-service-type uses PAM-enabled 'cups' by default which prevents authentication |
|
Date: |
Mon, 15 May 2023 11:24:19 -0400 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) |
Hi,
muradm <mail@muradm.net> writes:
> Fixes <https://issues.guix.gnu.org/63198>.
>
> Makes CUPS service to extend pam-root-service-type providing minimal
> configuration to authenticate users. Since PAM authentication is
> provided, cups package can be used as default.
>
> * gnu/services/cups.scm (cups-configuration) [cups]: Use cups.
I'd write 'Replace cups-minimal with cups'.
> [allow-empty-password?]: PAM service configuration permitting empty passwords.
I'd write 'New field', but I think we'd want to add proper PAM support
here not a 'bypass PAM authentication' hack. It should also be enabled
out of the box, otherwise users won't be able to authenticate until they
figure out they need to set that switch to #t.
> (opaque-cups-configuration): Likewise.
> (cups-pam-service): cups PAM service.
Not descriptive :-) What is the change here?
Could you look into adding "regular" login PAM support instead of a
bypass disabled by default? The user should still be prompted for its
password, and it should go through the PAM auth module.
I'm not very PAM-aware, but I believe there are examples spread in the
code base.
--
Thanks,
Maxim