From owner-freebsd-hackers  Wed Sep  3 11:42:50 1997
Return-Path: <owner-freebsd-hackers>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id LAA29019
          for hackers-outgoing; Wed, 3 Sep 1997 11:42:50 -0700 (PDT)
Received: from haldjas.folklore.ee (Haldjas.folklore.ee [193.40.6.121])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id LAA29007
          for <hackers@freebsd.org>; Wed, 3 Sep 1997 11:42:44 -0700 (PDT)
Received: from haldjas.folklore.ee (haldjas.folklore.ee [172.17.2.1] (may be forged))
          by haldjas.folklore.ee (8.8.6/8.8.4) with SMTP
	  id VAA01628 for <hackers@freebsd.org>; Wed, 3 Sep 1997 21:42:19 +0300 (EEST)
Date: Wed, 3 Sep 1997 21:42:19 +0300 (EEST)
From: Narvi <narvi@haldjas.folklore.ee>
To: hackers@freebsd.org
Subject: login.conf
Message-ID: <Pine.BSF.3.96.970903213752.1315A-100000@haldjas.folklore.ee>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


I create a class in login.conf like this:

#
# Kerberos/skey only login class
#

krb-user:Kerberos only login users:\
        :auth-login=krb_or_skey,kerberos,skey:\
        :auth-rlogin=krb_or_skey,kerberos,skey:\
        :tc=default:

and then set the class of a test user to be krb-user.

The end result is nothing, as it is still possible to login with the old
unix passwd (provided it existed and is known). 

Why is that? Isn't login supposed to look at the auth style and judge by
it which what kinds of passwds to accept?

	Sander

PS. This is on 2.2-stable.

	There is no love, no good, no happiness and no future -
	all these are just illusions.