Previously Steve Dunham wrote: > 1. Are we going to move to PAM for slink (i.e. are patches welcome)? It is a stated goal, which was not doable for hamm since PAM apparently wasn't stable enough. Since it has worked for RH for a while now it seems to have stablealized enough. With the advent of LDAP and other authentication methods I think we really should start in this now. X is probably the major problem now, there are already PAM-aware logins and ppp packages iirc. > 3. Can we move the pam modules to /lib/security? This is where Red > Hat keeps them. If they stay in /usr/lib/security then "login" won't > work until /usr is mounted. I'm not sure of this one. On one side you can't assume you can login anyway as a user since your shell might be in /usr/sbin (think tcsh). On the other side root should always be able to login. What also worries me is that I don't know if PAM support a fallback: if I enable LDAP authentication but the network doesn't initialize, can I still use the password in /etc/shadow ? Wichert. -- ============================================================================== This combination of bytes forms a message written to you by Wichert Akkerman. E-Mail: wakkerma@wi.LeidenUniv.nl WWW: http://www.wi.leidenuniv.nl/~wichert/
Attachment:
pgpODOWNbvIbU.pgp
Description: PGP signature