[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

a few questions on implementation



Ok, I'm redoing the pam package for Debian's unstable distribution and
I have a couple questions that would help in getting a good base/default
setup.

I'm stuck on whether to use pam_pwdb as the default module as opposed
to the pam_unix_* modules. Obviously pam_pwdb has the advantage of
lifting suid root permissions from some binaries like xlock, as well as
making it easier for suid root svgalib programs to drop priviledges
while still being able to authenticate users, such as vclock.

Problem is that, if I read correctly, pam_pwdb does not support NIS
yet, which is a very bug deal to alot of ppl. I know the TODO file in
pam_pwdb says that it will be done soon, just wondering how soon, and
if there is anything I can do to help if needed?

Also, I'm concerned about versioning the modules included in the main
source. The library will be installed to allow concurrent installation
of the current libpam.so.0, and libpam.so.1 (some time down the road)
to make for an easier upgrade path for programs that depend on libpam.
Question, can I assume that modules with the pam 0.x source will work
with the libpam.so.1 library? or would it be better to install modules
in the form of pam_foo.so.0?

Thanks for any assistance,
  Ben

--
-----    -- - -------- --------- ----  -------  -----  - - ---   --------
Ben Collins <b.m.collins@larc.nasa.gov>                  Debian GNU/Linux
UnixGroup Admin - Jordan Systems Inc.                 bcollins@debian.org
------ -- ----- - - -------   ------- -- The Choice of the GNU Generation



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []