Re: netstd doesn't use PAM
Thorsten Kukuk <kukuk@weber-eb.uni-paderborn.de> writes:
> >
> > Package: netstd
> > Version: 3.07-3
> > can't rsh into NIS authenticated accounts until they fix /etc/pwdb.conf.
> My experince with PAM is, it is a very bad idea to use pam_pwdb.
> It seems it couldn't handle shadow passwords over NIS (glibc can do that),
> and it couldn't handle services like NIS+ or ldap, which are available
> for the next glibc 2.1 version. I think, instead of using pam_pwdb, we
> should use the corresponding pam_unix_* modules.
> The pwdb module will also confuse users, they have to configure
> /etc/nsswitch.conf, but the passwd and group entry is ignored, they have
> to configure that in /etc/pwdb.conf. It was good for libc5, but for
> glibc with NSS, pam_pwdb is a bad choice.
Ok, I was wondering how to deal with the nsswitch/pwdb issue. I'll
turn on pam_unix_* on my Debian and UltraPenguin machines and see how
they fare.
Steve
dunham@cse.msu.edu
Reply to: