problem, it still didn't DTRT for services that did not have a service-
specific policy if /etc/pam.d existed but did not contain an "other"
policy. This fixes the problems some people have experienced with sudo.
And I almost didn't have to use goto.
The current configuration sequence is:
1) Look for /etc/pam.d/foo
2) If PAM_READ_BOTH_CONFS is defined, or step 1) failed, look for
foo in /etc/pam.conf
3) Look for /etc/pam.d/other (to fill in the gaps)
4) If PAM_READ_BOTH_CONFS is defined, or step 3) failed, look for
other in /etc/pam.conf
I believe this is the intended behaviour of the original code. The least
surprising behaviour seems to be when PAM_READ_BOTH_CONFS is not defined -
/etc/pam.d/foo will be preferred over /etc/pam.conf, but the latter will
serve as a backup if the former does not exist.
Sponsored by: DARPA, NAI Labs
50d70990d7