> > It's for OpenSSH which I am working on (and I think just finished) > > packaging. Unfortunately, it uses both lipwdb and pam. Could you explain > > why this is evil and maybe point me at some reading that would help me port > > it away from libpwdb? > > a) I would hope that they made the pwdb support configurable at build time > with some sort of --disable-pwdb option. heh... I wrote the autoconf support, so that's up to me to do. :) I'll be working on it, though, for sure. [excellent explanation snipped] Thanks for the knowledgable explanation. What I gleaned from that is that we want better than a --disable-pwdb, we want no pwdb at all, correct? > Also, please see the current ssh package's /etc/pam.d/ssh file, as it does > not use pam_pwdb (which in itself would cause problems). IOW, please have > that file in OpenSSH use the normal pam_unix.so modules, else it wil cause > problems aswell, and bug reports will be filed, and people wont use it :) Thanks for the advice. I guess I have some reading to do tonight. -Dan -- "Beware he who would deny you access to information, for in his heart he dreams himself your master."
Attachment:
pgpFLiN9Fxpwq.pgp
Description: PGP signature