Re: libpam, cracklib, and slink (was Re: Release-critical...)
On Wed, Jan 20, 1999 at 11:22:05 -0500, Jean Pierre LeJacq wrote:
> On Wed, 20 Jan 1999, J.H.M. Dassen wrote:
> > Perhaps the best way for cracklib support in PAM is to redefine PAM's
> > packages into "base" and "non-base" ones. The "base" ones should be
> > intended for future (potato) inclusion in the base system (for use by
> > e.g. login); the "non-base" ones could require more libraries and
> > auxiliary programs. Such a change in packaging could also be used as an
> > opportunity to merge libpam0g and libpam0g-util (which have a mutual
> > dependency).
>
> I'm not sure I understand. Would the base and non-base conflict with one
> another?
Not really. (Though perhaps in a technical sense, to get dpkg to replace the
base with the non-base one).
> Or does pam use loadable modules
The individual pluggable authentication modules are .so files, yes.
> so the base can be compiled without cracklib but later load the cracklib
> library when non-base is installed?
This is something else. It may be possible to modify the individual PAMs to
use dlopen() and friends to dynamically load cracklib if available, but
(AFAIK) this is not in standard PAM.
Ray
--
UNFAIR Term applied to advantages enjoyed by other people which we tried
to cheat them out of and didn't manage. See also DISHONESTY, SNEAKY,
UNDERHAND and JUST LUCKY I GUESS.
- The Hipcrime Vocab by Chad C. Mulligan
Reply to: