[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pam_unix.so + nsswitch.conf + nis

On Wed, Aug 22, 2007 at 04:03:48AM +0300, Vassilis Vatikiotis wrote:

> Dominik George wrote:
> > Did you follow some how-to that tells you to add +:::: or something like
> > that to your passwd and shadow files? If so, NIS requests will be sent
> > upon file and compat resolution.

> The +::::: notation in passwd/shadow filesis used when the 'compat'
> option is used in nsswitch.conf, and I haven't used any 'compat' option
> in nsswitch nor the +/- compatibility notation in passwd and shadow files.

> It's not needed anyway since glibc supports NIS lookups. The compat
> option was used when libc5 without NYS support was used in linux, maybe
> a decade ago or something like that.

> I suspect it's deeper than this, maybe in the pam_unix.so source. Among
> other things I've read about it is that nis support is included in
> pam_unix.so and the way to configure is through nsswitch.conf. But it
> seems that pam_unix doesn't honor the 'status=action' mechanism in
> nsswitch.conf.

pam_unix doesn't look at nsswitch.conf at all.  It "honors" the file only by
way of its effects on the behavior of the various glibc NSS functions (such
as getpwnam()).

> Anyway, I'm willing to dive into source code here. Any cvs link I could
> get pam_unix.so source from?


Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
vorlon debian org                                   http://www.debian.org/

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]