Re: NSS and PAM, dynamic vs. static

From: Matthias Andree <ma_at_dt.e-technik.uni-dortmund.de>
Date: Sat, 29 Nov 2003 14:01:02 +0100
"Jacques A. Vidrine" <nectar_at_FreeBSD.org> writes:

> On Wed, Nov 26, 2003 at 02:00:08AM +0100, Matthias Andree wrote:
>> Matthew Dillon <dillon_at_apollo.backplane.com> writes:
>> 
>> >     How much do you intend to use NSS for?  I mean, what's the point of
>> >     adopting this cool infrastructure if all you are going to do with it
>> >     is make a better PAM out of it?
>> 
>> The important thing is that NSS allows to plug modules such as LDAP or
>> PostgreSQL for user base management. PAM is only halfway there and
>> doesn't give libc et al. a notion of a user or group context (in spite
>> of its "account" context), NSS does. One might discuss if PAM is really
>> needed with NSS in place, but it's hard to think of a system without
>> NSS and removing PAM now doesn't look right.
>
> NSS and PAM do not overlap.

I wonder how PAM gets "system" authentication information for pam_pwdb
or pam_unix or how it's called today and on the pertinent system if not
through NSS. Reimplementation of these "passwd/shadow/whatever"
mechanisms?

-- 
Matthias Andree

Encrypt your mail: my GnuPG key ID is 0x052E7D95
Received on Sat Nov 29 2003 - 04:01:05 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:31 UTC