It looks like you want to change the hostname, (Ie leave the old file
there) and in all the others accept the new default (the try_first_pass is
the main new option in pam, and I have no idea what it does. )


jf <cestpasjihef@free.fr> writes:

>Nikos Chantziaras wrote:
>>
>> Use dispatch-conf instead of etc-update. It shows what the differences
>> are and offers to merge them or simply use the new ones.

>here are the answers :
>***********************
> # /etc/conf.d/hostname

> # Set to the hostname of this machine
>-HOSTNAME="jef"
>+HOSTNAME="localhost"

>>> (1 of 5) -- /etc/conf.d/hostname
>>> q quit, h help, n next, e edit-new, z zap-new, u use-new
> m merge, t toggle-merge, l look-merge:
>************************* the following is one that scares me
>--- /etc/pam.d/login 2007-04-20 00:54:26.000000000 +0000
>+++ /etc/pam.d/._cfg0000_login 2008-04-04 19:54:23.000000000 +0000
>@@ -1,24 +1,21 @@
> #%PAM-1.0

> auth required pam_securetty.so
>-auth include system-auth
>-auth required pam_tally.so file=/var/log/faillog onerr=succeed
>no_magic_root
>+auth required pam_tally.so file=/var/log/faillog onerr=succeed
> auth required pam_shells.so
> auth required pam_nologin.so
>+auth include system-auth

> account required pam_access.so
> account include system-auth
>-account required pam_tally.so deny=0 file=/var/log/faillog
>onerr=succeed no_magic_root
>+account required pam_tally.so file=/var/log/faillog onerr=succeed

> password include system-auth

>-session include system-auth
> session required pam_env.so
> session optional pam_lastlog.so
> session optional pam_motd.so motd=/etc/motd
> session optional pam_mail.so
>************************************ this one too
>--- /etc/pam.d/sshd 2007-04-20 00:54:30.000000000 +0000
>+++ /etc/pam.d/._cfg0000_sshd 2008-04-04 20:21:05.000000000 +0000
>@@ -1,8 +1,8 @@
> #%PAM-1.0

>-auth include system-auth
> auth required pam_shells.so
> auth required pam_nologin.so
>+auth include system-auth
> account include system-auth
> password include system-auth
> session include system-auth

>>> (3 of 5) -- /etc/pam.d/sshd
>>> q quit, h help, n next, e edit-new, z zap-new, u use-new
> m merge, t toggle-merge, l look-merge:
>****************** and this
>--- /etc/pam.d/system-auth 2007-04-20 00:54:20.000000000 +0000
>+++ /etc/pam.d/._cfg0000_system-auth 2008-04-04 19:32:52.000000000 +0000
>@@ -1,13 +1,13 @@
> #%PAM-1.0

> auth required pam_env.so
>-auth sufficient pam_unix.so likeauth nullok
>+auth sufficient pam_unix.so try_first_pass likeauth nullok
> auth required pam_deny.so

> account required pam_unix.so

>-password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2
>retry=3
>-password sufficient pam_unix.so nullok md5 shadow use_authtok
>+password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2
>try_first_pass retry=3
>+password sufficient pam_unix.so try_first_pass use_authtok nullok md5
>shadow
> password required pam_deny.so

> session required pam_limits.so

>>> (4 of 5) -- /etc/pam.d/system-auth
>>> q quit, h help, n next, e edit-new, z zap-new, u use-new
> m merge, t toggle-merge, l look-merge:
>*********** and the last one
>--- /etc/securetty 2008-03-29 20:24:23.000000000 +0000
>+++ /etc/._cfg0000_securetty 2008-04-04 19:54:09.000000000 +0000
>@@ -1,5 +1,7 @@
> # /etc/securetty: list of terminals on which root is allowed to login.
> # See securetty(5) and login(1).
>+console
>+
> vc/0
> vc/1
> vc/2
>@@ -29,4 +31,3 @@

> tts/0
> ttyS0
>-tts/0

>>> (5 of 5) -- /etc/securetty
>>> q quit, h help, n next, e edit-new, z zap-new, u use-new
> m merge, t toggle-merge, l look-merge:

>**********************
>thanks again
>jf
>-# If you want to enable pam_console, uncomment the following line
>-# and read carefully README.pam_console in /usr/share/doc/pam*
>-#session optional pam_console.so
>+session include system-auth