[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: GDBM/DB password file support



This is how I hope it will look:

Aleph One wrote:
> /etc/pam.conf
[..]
> /etc/pwdb.conf

The problem is that Sun defined what PAM is supposed to do. It is basically
an authentication front end. Period. We might make a more general pluggable
API, but if we want to stick with the standard, I think we need a
(single) complimentary database library.

Applications require more than authentication. They may need to know the
home directory of a user they are granting a service to for example.

libpwdb is an attempt to provide a single yet flexible database API that
will address the needs of PAM and of applications at the same time..

> PAM was not only supposed to make things modular and pluggable must also
> centralized. Why should the pam_unix module be able to do RADIUS
> authentication? Even NIS and shadow are questionable. All this different

This is a good point. The answer always seems to come down to "code
redundency". The beauty of PAM is that you can write your own unix module if
the one available is too powerful for your needs. The only reason the
pam_unix module we are working on will do all this is that "with libpwdb" it
should be very easy... :)

Best wishes

Andrew



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []