[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Seeking comments on PAM logging change

[Copies to me; I'm on debian-devel but very behind and don't really
have enough time to read it]

Bug #213566 is another complaint about how PAM handles logging.
Currently PAM_unix calls openlog in the pam library in an attempt to
make sure that PAM authentication messages are logged claiming to be
from the PAM service name (pam_unix) instead of from the application
or in cases of applications that do not call openlog, from unnamed
syslog lines.

The submitter of this bug argued convincingly that calling openlog is
an inappropriate abstraction violation.  Libraries should not modify
global state such as the syslog configuration.  Modules that are
plugins to libraries especially should not do this.

Sun has apparently also removed calls to openlog from their PAM

It is my intent to remove this call to openlog.  Doing so may very
well change the format of messages logged by PAM application.  This is
both a heads up and a chance for you to convince me I'm wrong.


Reply to: