[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

pam-unix... pam_unix2?



Ok.  My work on pam_unix is in a stalled state now...
I should finish it sometime (not so many left to do).
But what interesting (and caused me to write this) -
I found a pam_unix2 module by Thorsten Kukuk -- this
one I was unable to find for a long time.  Oha, it is
on kernel.org/.../NIS+/ directory!  Complete url is:

http://www.kernel.org/pub/linux/utils/net/NIS+/pam_unix2.tar.gz

And I looked to it.  And it seemed to be clean and good
(as compared to current one and to my :) ).  It has some
glibc-specific pieces, and probably a big amount of code
for nis+ (also good one but not needed for any site).
And it have very nice mechanism of finding the "source"
of system password (e.g. files, nis, ... -- nsswitch)
(but this place is really _very_ glibc specific).

Not to say that this is bad, but mostly non-portable
(not good for open-pam, but ok for linux-pam).

And this module has been well tested already, as it
seemed to be.

The question.  May _this_ Thorsten's module be used in
linux-pam in place of it's current pam_unix?
I know that this question is mostly for Thorsten.
At least I was not able to find any annoncements here
(and even any references) to this module.
Module probably should be changed a bit in respect of
handling new passwords (bigcrypt issues, other hashes
etc as discussed on this list), but other things are in
place.  (Maybe even made nis+ support optional, especially
keyserver notifications).

And if that is ok, we already have a good pam_unix implementation...

Regards,
 Michael.





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []