pam library (and dependancy) policies
I searched the mail list archives but nothing obvious turned up.
I'm attempting to package a project that has a handful of both
executables and libraries.
One of the libraries is a pam module that AFAIK depends on the some of
the other shared libraries. Currently, my package installs the shared
libraries in /usr/lib. I'm now trying to figure out what to do with the
PAM library.
the first issue is that the ./configure script has no way to say
'install the PAM library here'. It basically goes where ever the other
libraries go - /usr/lib.
Now, I see that other Debian PAM libraries go into /lib/security/. I
understand the motivation for having PAM libraries under /lib, so I want
my PAM library to go there as well. As I understand it, we want PAM
libs in /lib so they're available even when /usr may not be - eg. early
in boot or a stripped-down system. some people like to nfs-mount /usr
for example - what if the server's down.
well, if /usr is unavailable, my PAM lib may fail to work even if it
were installed in /lib/security due to the fact that it depends on other
libs that are in /usr/lib. This means I may want to in fact have the
PAM lib's dependancies installed in /lib as well.
It seems my choices are:
1- install my PAM lib and its dependancies under /lib
2- install my PAM lib and its dependancies under /usr/lib
3- install my PAM lib in /lib/security and its dependancies under
/usr/lib
4- put my PAM lib in /lib/security and patch the source to statically
link the needed functions
2&3 seem risky in that PAM may fail to work in the absence of /usr
1 runs the risk of cluttering /lib with unnecessary libs
4 seems the best solution in the end but I would need to then maintain a
patch which may not be accepted by the upstream
What's the correct solution? Is there a policy on PAM and these sorts
of issues?
any other suggestions?
thanks,
-joe
--
Innovation Software Group, LLC - http://www.innovationsw.com/
Computer Automation Specialists
UNIX, Linux and Java Training
Reply to: