[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: RFC: pam: dropping support for NIS/NIS+?

Hi,

On Wed, Apr 20, 2022 at 04:26:02PM -0400, Boyuan Yang wrote:
 
> Before any discussion takes place, I would like to point out a previous
> attempt of Fedora trying to get rid of NIS/NIS+ back in 2021. Please check out
> the LWN article at https://lwn.net/Articles/874174/ , which would definitely
> be helpful for the condition in Debian.

That discussion seems to be about removing NIS/NIS+ support from the
entire distribution. This thread is about removing NIS support from PAM.
That's an important distinction, because in practice, NIS/NIS+ support
mostly means the NSS modules, and the tools/servers in the case of NIS.

Dropping NIS support from PAM would mean losing only the ability to
change the passwords of users coming from NIS. It would not affect user
lookups, and password change would still be possible using yppasswd.
There does not even seem to be any NIS+ support in PAM - nothing seems
to include <rpcsvc/nis.h>.

Personlly, I think bundling NIS password changing capability in pam_unix
was a design mistake. It should always have been a distinct module.

Regards,
Gabor
Reply to: