Re: netstd doesn't use PAM

To: dunham@cse.msu.edu (Steve Dunham)
Cc: debian-devel@lists.debian.org
Subject: Re: netstd doesn't use PAM
From: Thorsten Kukuk <kukuk@vt.uni-paderborn.de>
Date: Tue, 15 Sep 1998 15:43:18 +0200 (MET DST)
Message-id: <[🔎] 199809151343.PAA15835@lechuck.uni-paderborn.de>
In-reply-to: <[🔎] m9b1zpeyxhm.fsf@fatneck.cps.msu.edu> from Steve Dunham at "Sep 14, 98 09:29:25 pm"


> 
> Package: netstd
> Version: 3.07-3

> can't rsh into NIS authenticated accounts until they fix /etc/pwdb.conf.

My experince with PAM is, it is a very bad idea to use pam_pwdb.
It seems it couldn't handle shadow passwords over NIS (glibc can do that),
and it couldn't handle services like NIS+ or ldap, which are available
for the next glibc 2.1 version. I think, instead of using pam_pwdb, we
should use the corresponding pam_unix_* modules.
The pwdb module will also confuse users, they have to configure
/etc/nsswitch.conf, but the passwd and group entry is ignored, they have
to configure that in /etc/pwdb.conf. It was good for libc5, but for
glibc with NSS, pam_pwdb is a bad choice.

  Thorsten

-- 
Thorsten Kukuk  kukuk@vt.uni-paderborn.de
                http://www-vt.uni-paderborn.de/~kukuk/
Linux is like a Vorlon.  It is incredibly powerful, gives terse,
cryptic answers and has a lot of things going on in the background.

Reply to:

Follow-Ups:
- Re: netstd doesn't use PAM
  - From: Steve Dunham <dunham@cse.msu.edu>

References:
- netstd doesn't use PAM
  - From: Steve Dunham <dunham@cse.msu.edu>

Prev by Date: Re: Info sucks?
Next by Date: Re: Info sucks?
Previous by thread: netstd doesn't use PAM
Next by thread: Re: netstd doesn't use PAM
Index(es):
- Date
- Thread