[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: GDBM/DB password file support



On Fri, 11 Oct 1996, Cristian Gafton wrote:

> I think this is not an issue - pam_radius module calls pwdb functions 
> directly, with PWDB_RADIUS as only datasource, so again, /etc/pwdb.conf 
> will not be used. In fact, there are very few cases where /etc/pwdb.conf 
> will be used. Because there is no point to configure a RADIUS specific 
> module to look after shadow/nis entries...

Cool.

> This is why I say that all authentication related things should and now 
> can go into pam_unix. Because it is very simple to add it using pwdb. 
> Again the example of RADIUS - one can do user authetication with RADIUS, 
> because authentication part of the RADIUS is in pam_unix... Frankly, 
> pam_unix authentication part will be better called pam_auth :-)

Heh.. kind of does away with having a auth type module in PAM ;)
Just curious how many diferent auth modules are they know in Linux PAM
other than pam_unix? Oh here is another idea: a macro so you can enter
pam_nis, pam_unix, pam_shadow in /etc/pam.conf and its translated to
pam_unix nis, pam_unix shadow, etc.. heh I better stop drinking coffe.

> > So an application could authenicate
> > the user in the PAM auth module and set its enviroment in the session
> > modules.
> 
> This is how things are done now.

I belive that the setting up of home directory was done by the
application. I'am saying it should be done in the PAM session module.

> > Something like pam_get_field() where the session module can pass
> > it what field it wants. So for a shell server the session module can do
> > pam_get_field("homedir") and a terminal server can do
> > pam_get_field("ipaddress").
> 
> This is possible with pwdb functions already.

Heh anyone want to extend PAM? My point is that an application should have
no need to call pwdb function or any other functions directly. All the
work should be done by the PAM modules.

> 		Cristian Gafton
> --
> --------------------------------------------------------------------
> Cristian Gafton                                    gafton@sorosis.ro
> Computers & Communications Center              Network Administrator
> 35 Moara de Foc St., Iasi 6600, ROMANIA           Tel: +40-32-252938
> http://www.cccis.ro                               Fax: +40-32-252933
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> UNIX is user friendly. It's just selective about who its friends are.
> 
> --
> To unsubscribe: mail -s unsubscribe pam-list-request@redhat.com < /dev/null
> 

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []