Bug 7829 - openSUSE is putting configuration in /usr/etc (breaks PAM)
Status: NEW
Product: ThinLinc
Classification: Unclassified
Component: Other
Version: trunk
Hardware: PC Unknown
: P2 Normal
Target Milestone: MediumPrio
Assignee: Bugzilla mail exporter
Reported: 2022-02-01 17:08 CET by Pierre Ossman
Modified: 2022-02-08 16:20 CET

Description Pierre Ossman cendio 2022-02-01 17:08:09 CET
So openSUSE decided to go crazy and severely break existing norms regarding system configuration:

https://kubic.opensuse.org/blog/2019-12-05-usr-etc/
https://en.opensuse.org/openSUSE:Packaging_UsrEtc

TL;DR: they want clearer separation between original and changed configuration, and this also helps doing atomic updates of the system

Sensible goals, but they seem to be trying to do this alone, which seems overly ambitious given that this will require major modification in many applications. There's lots of software that only supports looking at a single file.

They've started some support library to help out with this:

https://github.com/openSUSE/libeconf

This move is also in explicit violation of the FHS, further cementing that they are alone in this approach:

>  Note that /usr/etc is still not allowed: programs in /usr should place configuration files in /etc. 
https://refspecs.linuxfoundation.org/FHS_3.0/fhs-3.0.html


For ThinLinc this currently has the effect of breaking the PAM stage of tl-setup as it fails to find the configuration in /etc/pam.d.

This change currently affects openSUSE Tumbleweed, but doesn't seem to have many changes in openSUSE Leap yet. We'll see how this trickles down to SLE.
Comment 1 Pierre Ossman cendio 2022-02-01 17:09:49 CET
One place where this was noted:

https://community.thinlinc.com/t/how-to-proper-install-thinlinc-server-on-opensuse-tumbleweed-kde-and-some-hints-that-may-help-with-other-distros/300

He also did a workaround of symlinking /usr/etc/pam.d/sshd to /etc/pam.d/sshd, which is probably not a good idea as you're not supposed to change the files under /usr/etc. A copy would be the proper approach.
Comment 2 Peter Wirdemo 2022-02-05 12:05:17 CET
I also reacted to the symlink, it is probably not a good idea.

From the https://en.opensuse.org/openSUSE:Packaging_UsrEtc

pam/pam-config

PAM reads the configuration files from two places:

    /usr/etc/pam.d
    /etc/pam.d

pam-config reads the configuration files from these two places, too. But it only writes into /etc/pam.d.

If a file in /etc/pam.d exists, a file with the same name in /usr/etc/pam.d will be ignored. To make manual changes, a system administrator has to copy the PAM config file from /usr/etc/pam.d/ to /etc/pam.d/ and modify that.
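
The precedence rule quoted in comment 2, combined with the copy-instead-of-symlink advice from comment 1, as an added example (not part of the bug report and not ThinLinc or openSUSE code). The function names and directory parameters are assumptions made for illustration; the defaults are the two paths named in the quote, and the sample file content is constructed.

```python
import os
import shutil
import tempfile

# Lookup order quoted from the openSUSE wiki: a file in /etc/pam.d wins and a
# same-named file in /usr/etc/pam.d is then ignored.
ADMIN_DIR, VENDOR_DIR = "/etc/pam.d", "/usr/etc/pam.d"


def effective_pam_file(service, admin_dir=ADMIN_DIR, vendor_dir=VENDOR_DIR):
    """Return the file PAM would use for `service`, or None if none exists."""
    for directory in (admin_dir, vendor_dir):
        candidate = os.path.join(directory, service)
        if os.path.isfile(candidate):
            return candidate
    return None


def links_into_vendor(path, vendor_dir=VENDOR_DIR):
    """True if `path` is a symlink that resolves into the vendor tree."""
    if not os.path.islink(path):
        return False
    vendor = os.path.realpath(vendor_dir)
    return os.path.commonpath([os.path.realpath(path), vendor]) == vendor


def ensure_admin_copy(service, admin_dir=ADMIN_DIR, vendor_dir=VENDOR_DIR):
    """Return an editable path under admin_dir, copying the vendor file if needed."""
    admin_path = os.path.join(admin_dir, service)
    if links_into_vendor(admin_path, vendor_dir):
        os.unlink(admin_path)  # replace the symlink so edits never reach /usr/etc
    if not os.path.lexists(admin_path):
        os.makedirs(admin_dir, exist_ok=True)
        shutil.copy2(os.path.join(vendor_dir, service), admin_path)
    return admin_path


def demo():
    """Constructed tree: a vendor sshd file plus the symlink workaround."""
    root = tempfile.mkdtemp()
    admin, vendor = os.path.join(root, "etc/pam.d"), os.path.join(root, "usr/etc/pam.d")
    os.makedirs(admin)
    os.makedirs(vendor)
    with open(os.path.join(vendor, "sshd"), "w") as fh:
        fh.write("auth include common-auth\n")  # constructed sample content
    os.symlink(os.path.join(vendor, "sshd"), os.path.join(admin, "sshd"))
    before = links_into_vendor(os.path.join(admin, "sshd"), vendor)
    path = ensure_admin_copy("sshd", admin, vendor)
    return before, os.path.islink(path), effective_pam_file("sshd", admin, vendor) == path
```
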
Comment 3 Peter Wirdemo 2022-02-05 12:44:23 CET
This change could escalate the problem with sshd_config, as in https://www.cendio.com/bugzilla/show_bug.cgi?id=7569

From the https://en.opensuse.org/openSUSE:Packaging_UsrEtc

openssh
/etc/ssh/sshd_config was moved to /usr/etc/ssh/sshd_config, /etc/ssh/sshd_config and /etc/ssh/sshd_config.d/*.conf will be additionally looked at (Variant 1). The /etc/ssh/sshd_config.d method should be preferred, but is not usable for all config options. The same applies for /etc/ssh/ssh_config.
