In message <14460.829718482@UX2.SP.CS.CMU.EDU>,
	Chris G Demetriou writes:
>Ty Sarna said:
>> I've volunteered several times.  Unfortunately, that's not the same as
>> actually *doing* it :-(.  I've wanted to make some changes to login
>> (fbtab, better S/Key & OTP support, a rules table for who is allowed to
>> log in on what terminals at what times with what authentication methods,
>> etc).  But I still haven't done anything... 
>
>Better idea:
>
>Look at what BSDI did with login classes (i'm pretty sure they used
>login classes for things like that), and clone their implementation...
>(better yet: try to beg their implementation out of them!)

BSDI login classes are just about the ugliest thing I've ever had the
misfortune to deal with as a sysadmin.  AIX even manages to be cleaner
then that.

NetBSD should just switch over to nsswitch.conf, which provides at least
the basic notion of being able to configure what name service/authentication
scheme is being used.  Login classes would be a mistake.

-- 
Jason Downs		   (503) 256-8535 -/- (503) 952-3749
downsj@teeny.org  --> teeny.org: Free Software for a Free Internet <--
http://www.teeny.org/
	      Powered by ... pentium/romp/ka630/68030/68020/68010