Re: [Proposal] Forget PAM, stick with NSS

To: debian-devel@lists.debian.org
Cc: Matt Ryan <matt@banana.org.uk>, debian-devel@lists.debian.org
Subject: Re: [Proposal] Forget PAM, stick with NSS
From: Jason Gunthorpe <jgg@ualberta.ca>
Date: Sat, 31 Jul 1999 16:21:50 -0600 (MDT)
Message-id: <[🔎] Pine.LNX.3.96.990731161934.32007S-100000@Wakko.deltatee.com>
In-reply-to: <[🔎] 87oggsu7eb.fsf@rut.informatik.uni-tuebingen.de>

On 31 Jul 1999, Goswin Brederlow wrote:

> Matt Ryan <matt@banana.org.uk> writes:
> 
> > I'm a big fan of small dependancies for packages. I can't see any reason why
> > we should start PAMifing packages when AFAICS it only gives the same
> > functionality as the NSS part of glibc. I have setup libnss-ldap and it works
> > very well - why would I need PAM?
> 
> Can nss fallback or use pam?
> 
> Otherwise I will still need pam for afs? Since afs is not free,
> changing is probably impossible.

NSS is not nearly as functional as full pam functionality. A simple
example, I have a written a pam module (libpam-mkhomedir) that creates the
users home directory if it does not exist on login, using PAM I have
plugged it into SSH and login, I then replicate the shadow/passwd/group
files to all the machines and don't have to worry about home directory
creation. You cannot do that with nss.

There are many things that cannot be done with only nss that pam
addresses. 

Jason

Reply to:

Follow-Ups:
- Re: [Proposal] Forget PAM, stick with NSS
  - From: Steve Dunham <dunham@cse.msu.edu>

References:
- Re: [Proposal] Forget PAM, stick with NSS
  - From: Goswin Brederlow <goswin.brederlow@student.uni-tuebingen.de>

Prev by Date: ITP: gtalk
Next by Date: Re: Working for Debian is not just about packages
Previous by thread: Re: [Proposal] Forget PAM, stick with NSS
Next by thread: Re: [Proposal] Forget PAM, stick with NSS
Index(es):
- Date
- Thread