Re: netstd doesn't use PAM

To: Thorsten Kukuk <kukuk@weber-eb.uni-paderborn.de>
Cc: debian-devel@lists.debian.org
Subject: Re: netstd doesn't use PAM
From: Steve Dunham <dunham@cse.msu.edu>
Date: 15 Sep 1998 10:11:17 -0400
Message-id: <[🔎] m9bzpc1xy7u.fsf@fatneck.cps.msu.edu>
In-reply-to: Thorsten Kukuk's message of "Tue, 15 Sep 1998 15:43:18 +0200 (MET DST)"
References: <[🔎] 199809151343.PAA15835@lechuck.uni-paderborn.de>

Thorsten Kukuk <kukuk@weber-eb.uni-paderborn.de> writes:

> > 
> > Package: netstd
> > Version: 3.07-3

> > can't rsh into NIS authenticated accounts until they fix /etc/pwdb.conf.

> My experince with PAM is, it is a very bad idea to use pam_pwdb.
> It seems it couldn't handle shadow passwords over NIS (glibc can do that),
> and it couldn't handle services like NIS+ or ldap, which are available
> for the next glibc 2.1 version. I think, instead of using pam_pwdb, we
> should use the corresponding pam_unix_* modules.
> The pwdb module will also confuse users, they have to configure
> /etc/nsswitch.conf, but the passwd and group entry is ignored, they have
> to configure that in /etc/pwdb.conf. It was good for libc5, but for
> glibc with NSS, pam_pwdb is a bad choice.

Ok, I was wondering how to deal with the nsswitch/pwdb issue.  I'll
turn on pam_unix_* on my Debian and UltraPenguin machines and see how
they fare.


Steve
dunham@cse.msu.edu

Reply to:

References:
- Re: netstd doesn't use PAM
  - From: Thorsten Kukuk <kukuk@vt.uni-paderborn.de>

Prev by Date: Re: Are we going with X_LOCALE or not?
Next by Date: Re: Info sucks? (Why not add a bunch of other formats as well?)
Previous by thread: Re: netstd doesn't use PAM
Next by thread: new anacron package
Index(es):
- Date
- Thread