[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [PAM] Should `ssh' depend on `libpwdb'?

>>>>> "Michael" == Michael Alan Dorman <mdorman-debian.devel@debian.org> writes:

    Michael> Ben Collins <bcollins@debian.org> writes:
    >> On Mon, May 31, 1999 at 07:05:40PM -0400, Michael Alan Dorman
    >> wrote:
    >> > psu25682@odin.cc.pdx.edu (Karl M. Hegbloom) writes:
    >> > > I think I remember reading in one of these mailing lists
    >> > > that the PAM `libpwdb' is deprecated, and should not be
    >> > > used, since it bypasses the normal "nsswitch" mechanism in
    >> > > glibc.  Is this true?
    >> >
    >> > Based on messages that went out on the pam list in the last
    >> > seven days, I do not think the PAM developers consider
    >> > libpwdb as deprecated.
    >> >
    >> Deprecated is not the proper term. libpwdb is not prefered in
    >> Debian as it is in RedHat. Considering that the majority of the
    >> libpwdb code is duplication of the same libc calls, it's
    >> considered overkill and adds an uneeded layer to the
    >> authentication process.

    Michael> OK.  I was reading it as libpwdb being generally
    Michael> deprecated, not just Debian-wise.

    Michael> Would it be useful for people if there was a Debian
    Michael> Authentication guide that addressed 1) what is available,
    Michael> 2) what is preferred and 3) what sorts of mind-bogglingly
    Michael> neat stuff you can do with it?

 Perhaps this should be brought up on `debian-policy' at some point.
 If there's a separate document written up for authentication, then
 perhaps `policy' could point to it?  I don't know...  I ought to be
 reading books and code rather than email again.

Reply to: