[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: incompatibility with Sun's implementation of PAM

Andrew G. Morgan wrote:
> Fred Romelfanger wrote:
> > I was looking at porting the Linux PAM module for Kerberos 5 to
> > Solaris 2.6, and ran into incompatibility with pam_strerror.  The

> This is a real pain.  If you would like to see the OSF-RFC p20 top of the
> page, you will see that we are compatible with the original RFC.

So we are the victim of a silent spec change.. The Solaris/XSSO
pam_strerror() function takes the following arguments: (pamh, pam_errorno).
Whereas the RFC/Linux version just takes the single argument (pam_errorno).

Solaris uses the pamh pointer to store a reference to an open file
descriptor which points to a file containing local(e) language translations
of the PAM error codes.  They claim that this speeds up message lookup and
this is their rationale for adding the argument..

Because no-one has thought about adding non-english support to PAM, this has
never been a concern for us.

So together with the conversation-response mismatch this is the second
source incompatibility with Solaris we have to date.  The way I see it we
have two choices:

Cut our losses and break binary compatibility (after all we are still
pre-version 1.0) with former versions of Linux-PAM.  Does anyone want to
comment? (Someone from Red Hat or Caldera perhaps?)

Alternatively, we could take the position that more people use Linux than
use Solaris, and the installed base of Linux machines running PAM is "much"
larger than that running Solaris 2.6, so we should be democratic about it
and stick with the majority...  XSSO are a LONG way from having a full
standard that we could implement anyway, and membership of X/"Open" is (to
my knowledge) not "open" to us -- we are not "in" on the discussion when
changes like this are made.

Two extremes, please discuss...


               Linux-PAM, libpwdb, Orange-Linux and Linux-GSS

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []