PAM notes... [was Re: Release Plans (19990513)]
On Thu, May 13, 1999 at 10:13:59AM -0600, Marcelo E. Magallon wrote:
> > I'm not entirely sure what you're talking about here.
> >
> > I use NIS and PAM all the time on RedHat (and Debian - although half
> > of our stuff is not yet pamified). What exactly has to be pamified in
> > the nis package? (In RH 6.0, setting up an NIS client is as easy as
> > typing the domain name into a text widget during the install.)
>
> IIRC, the nis server was running Debian and the nis client was running RH
> 5.2; until I switched everything to unix_auth, the client wouldn't verify
> passwords using the NIS server. On a different setup, both the system and
> the server were running RH 5.2, and NIS wouldn't work until unix_auth was
> used in /etc/pam.d/login; what's the point of using PAM if you end up using
> unix_auth?
The unix modules do not imply using /etc/{shadow,passwd}, they mean you
will be using the native libc calls which in turn use /etc/nsswitch.conf.
NIS should work fine with PAM without _any_ changes as long as you have
nis listed in nsswitch.conf for the proper listings (just the same as you
would have to do without PAM).
IOW, PAM does not have anything to do with NIS support. Please NOTE!!! Do
not use pwdb as defaults in the pam.d for packages which support PAM, we
ran into this problem with ssh/PAM, it does initially break NIS support
unless you also modify /etc/pwdb.conf, and this has been looked down on,
and should _not_ be used as default for our packages.
Reply to: