[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: netstd doesn't use PAM

> Package: netstd
> Version: 3.07-3

> can't rsh into NIS authenticated accounts until they fix /etc/pwdb.conf.

My experince with PAM is, it is a very bad idea to use pam_pwdb.
It seems it couldn't handle shadow passwords over NIS (glibc can do that),
and it couldn't handle services like NIS+ or ldap, which are available
for the next glibc 2.1 version. I think, instead of using pam_pwdb, we
should use the corresponding pam_unix_* modules.
The pwdb module will also confuse users, they have to configure
/etc/nsswitch.conf, but the passwd and group entry is ignored, they have
to configure that in /etc/pwdb.conf. It was good for libc5, but for
glibc with NSS, pam_pwdb is a bad choice.


Thorsten Kukuk  kukuk@vt.uni-paderborn.de
Linux is like a Vorlon.  It is incredibly powerful, gives terse,
cryptic answers and has a lot of things going on in the background.

Reply to: