[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: GDBM/DB password file support



On Thu, 10 Oct 1996, Cristian Gafton wrote:

> Are you suggesting ten-lines-of-code modules ? Because with libpwdb this 
> is how a NIS/SHADOW module will look like. Frankly, do you see 'too much' 
> overhead for pam_unix at this point ?

*nod* Agreed. My point was not 'to much' overhead but clean design. As
always actual implementaion takes precedence over making things look nice.

> About the configuration file: there is no need to have one unless you 
> write a 'generic' application and want to switch user authentication from 
> one scheme to another... Otherwise the apps using the libpwdb code can 
> ask for specific information. Nothing is 'merged' the way NIS is merged 
> into libc ...

You are correct.

> Take the example of login program. The login program calls PAM, but it 
> does a call to getpwnam to get at least the user's shell. With RADIUS, 
> you can also get a shell-type response, which tells you to start either a 
> shell, switch to PPP, do a rlogin or telnet. Now, for a terminal server 
> you will have a special login program which makes use of this. But you 
> can do it with standard login, by calling pwdb functions instead. Do you 
> want to make that login program work on a terminal sever ? Fine, change 
> the /etc/pwdb.conf users entry from unix+shadow to unix+shadow+radius and 
> then also use pwdb functions to read what shell to start... Does it make 
> sense ?

Thanks. I belived you could handle this through PAM but Andrews last
message explained it. Quite ugly that you have to call getpwnam... See my
responce to Andrews message for more on this.

> I'm not sure what you mean...

Just that I dont use NIS.

Cheers.

> 		Cristian Gafton
> --
> --------------------------------------------------------------------
> Cristian Gafton                                    gafton@sorosis.ro
> Computers & Communications Center              Network Administrator
> 35 Moara de Foc St., Iasi 6600, ROMANIA           Tel: +40-32-252938
> http://www.cccis.ro                               Fax: +40-32-252933
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> UNIX is user friendly. It's just selective about who its friends are.
> 
> --
> To unsubscribe: mail -s unsubscribe pam-list-request@redhat.com < /dev/null
> 

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []