* Michael Neuffer said: > * Raul Miller (moth@debian.org) [990923 16:15]: > > On Thu, Sep 23, 1999 at 07:32:50AM -0500, Ashley Clark wrote: > > > Couldn't sash include a PAM module that would change the password to > > > match root's password whenever it was changed? Or am I oversimplifying > > > things? > > > > I don't have enough confidence in Debian's pam, yet, to insist that > > everyone that wants to use sash must implement pam support before > > using sash. > > > Depending on PAM would be a fatal mistake. > sash is for situations when your system is FUBARed, > therefore you can not assume that you will still have > a working PAM subsystem either. sash won't ever be linked with dynamic PAM libs since it's static by definition. The proposal, as I can see it, is to write a PAM module that could be added to /etc/pam.d/passwd to ask whether the just-changed root password should be cloned into the sashroot account. And that's a really elegant and clean solution, IMHO. marek
Attachment:
pgp4rblJeyJlX.pgp
Description: PGP signature