[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: RFC: pam: dropping support for NIS/NIS+?

чт, 21 апр. 2022 г. в 11:04, Gabor Gombas <gombasg@digikabel.hu>:
>
> Hi,
>
> On Wed, Apr 20, 2022 at 04:26:02PM -0400, Boyuan Yang wrote:
>
> > Before any discussion takes place, I would like to point out a previous
> > attempt of Fedora trying to get rid of NIS/NIS+ back in 2021. Please check out
> > the LWN article at https://lwn.net/Articles/874174/ , which would definitely
> > be helpful for the condition in Debian.
>
> That discussion seems to be about removing NIS/NIS+ support from the
> entire distribution. This thread is about removing NIS support from PAM.
> That's an important distinction, because in practice, NIS/NIS+ support
> mostly means the NSS modules, and the tools/servers in the case of NIS.
>
> Dropping NIS support from PAM would mean losing only the ability to
> change the passwords of users coming from NIS. It would not affect user
> lookups, and password change would still be possible using yppasswd.
> There does not even seem to be any NIS+ support in PAM - nothing seems
> to include <rpcsvc/nis.h>.
>
> Personlly, I think bundling NIS password changing capability in pam_unix
> was a design mistake. It should always have been a distinct module.

Can we provide a separately packaged pam_unix_nis which can be used
instead of pam_unix in cases where this functionality is still
required?

-- 
With best wishes
Dmitry
Reply to: