Jacques Vidrine <nectar_at_freebsd.org> writes: > Applications that use PAM to change the password when the password > expires seem to work out OK. This works because each backend knows whether or not the password needs changing (there is a flag to tell the module to only ask for a new password if the current password has expired). When you are purposedly changing your password before it expires, things are a little less clear. Things might be easier if NSS had a proper API which included entry points for storing and updating user information (and not just for retrieving). Then pam_unix wouldn't need to know anything about /etc/spwd.db or NIS; it would just retrieve the information from NSS, note that the password had expired, ask the user for a new password and tell NSS to store it. DES -- Dag-Erling Smørgrav - des_at_des.noReceived on Thu Dec 04 2003 - 15:00:47 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:32 UTC