1. ConfigureMiscPam needs a category in bug tracker
2. line 80 - will not modify pam_access.conf if there
is
already an "ALL EXCEPT" line in the file. This has
several consequences, one of which is that if you
run Bastille twice, it will use the value from the
first
run rather than the second
Logged In: YES
user_id=1441
Additional problem here is identifying if an existing "ALL
EXCEPT" line came from Bastille or not. 1) are in=line
comments allowed, so we could flag this for the future 2)
even if so, how do we identify such lines added by earlier
Bastille runs?
Logged In: YES
user_id=195786
I'm not sure that it matters whether an "ALL EXCEPT" line
came from Bastille or not. I think Bastille should do what
it was asked to do regardless of whether Bastille did
something different before or someone edited it by hand or
whatever. I believe what should happen is:
unless (replace_line(ALL EXCEPT, ALL EXCEPT = ...)) {
append_line(...)
}
(note that this requires replace_line to return false)