[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: GDBM/DB password file support

On Thu, 10 Oct 1996, Aleph One wrote:

> Thats why you still have a library to share commong code. But you have
> separate libraries NIS, shadow, etc... No need to have a configuration
> file to tell it how to act at run time. Each module only contains is
> specific code and the shared functions.

Are you suggesting ten-lines-of-code modules ? Because with libpwdb this 
is how a NIS/SHADOW module will look like. Frankly, do you see 'too much' 
overhead for pam_unix at this point ?

About the configuration file: there is no need to have one unless you 
write a 'generic' application and want to switch user authentication from 
one scheme to another... Otherwise the apps using the libpwdb code can 
ask for specific information. Nothing is 'merged' the way NIS is merged 
into libc ...

> Yup. But... why would an application neededing to to auth need to use
> anything but PAM?

Take the example of login program. The login program calls PAM, but it 
does a call to getpwnam to get at least the user's shell. With RADIUS, 
you can also get a shell-type response, which tells you to start either a 
shell, switch to PPP, do a rlogin or telnet. Now, for a terminal server 
you will have a special login program which makes use of this. But you 
can do it with standard login, by calling pwdb functions instead. Do you 
want to make that login program work on a terminal sever ? Fine, change 
the /etc/pwdb.conf users entry from unix+shadow to unix+shadow+radius and 
then also use pwdb functions to read what shell to start... Does it make 
sense ?

> 8-) Lucky me I dont touch NIS with a 10 foot pole.

I'm not sure what you mean...

		Cristian Gafton
Cristian Gafton                                    gafton@sorosis.ro
Computers & Communications Center              Network Administrator
35 Moara de Foc St., Iasi 6600, ROMANIA           Tel: +40-32-252938
http://www.cccis.ro                               Fax: +40-32-252933
UNIX is user friendly. It's just selective about who its friends are.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []