Subject: Re: setpwfile(3)
To: None <current-users@NetBSD.ORG>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: current-users
Date: 05/08/1997 12:23:04
>      The historic function setpwfile(3), which allowed the specification of
>      alternative password databases, has been deprecated and is no longer
>      available.

> is there a deep technical reason why this is the case?  Or does this
> just relate to the use of /etc/master.passwd, and the DB versions of
> the password files?

I would guess the latter.  There certainly is no technical reason the
passwd routines couldn't just switch over into a read-flat-file mode if
setpwfile() has provided an alternative file.

However, there's not much benefit as compared to having a separate set
of routines to read V7-style flat-file databases.

> [does anyone have any opinion about the value of pursuing PAM-style
> authentication modules for NetBSD?  I know there is s/key in
> /bin/login already...]

Something like it should go in eventually, I'd say.  I've got a real
one-time password scheme set up ("real" meaning that the passwords are
not algorithmically related, unlike s/key and the stuff the OTP working
group is looking at).  Neither of them belongs in login; they belong in
separate modules, called upon by login at need.  (For that matter,
simple password authentication likewise.)

					der Mouse

		     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
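
Added example, not part of the original message and not NetBSD code: a minimal stand-alone reader for one V7-style flat-file passwd record, the kind of separate routine the reply describes. The names v7_passwd and v7_parse_line, the 32-bit id limit and the sample record are assumptions made for this sketch.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* One V7-style record: name:passwd:uid:gid:gecos:dir:shell (hypothetical type). */
struct v7_passwd {
    char *name, *passwd, *gecos, *dir, *shell;
    unsigned long uid, gid;
};

/* Strict decimal id, assumed to fit 32 bits. atoi() would turn "" or junk into 0 (root). */
static int parse_id(const char *s, unsigned long *out)
{
    char *end;
    errno = 0;
    *out = strtoul(s, &end, 10);
    return (*s < '0' || *s > '9' || errno || *end || *out > 0xFFFFFFFFUL) ? -1 : 0;
}

/* Split line in place into exactly seven fields; 0 on success, -1 if malformed. */
int v7_parse_line(char *line, struct v7_passwd *pw)
{
    char *f[7] = { line };
    int n = 1;
    line[strcspn(line, "\n")] = '\0';
    for (char *p = line; *p; p++)
        if (*p == ':') {
            *p = '\0';
            if (n < 7)
                f[n] = p + 1;
            n++;
        }
    if (n != 7 || f[0][0] == '\0')
        return -1;              /* wrong field count or empty login name */
    if (parse_id(f[2], &pw->uid) || parse_id(f[3], &pw->gid))
        return -1;              /* non-numeric, signed or oversized id */
    pw->name = f[0]; pw->passwd = f[1]; pw->gecos = f[4];
    pw->dir = f[5]; pw->shell = f[6];
    return 0;
}

int main(void)
{
    char rec[] = "mouse:*:1001:100:constructed sample:/home/mouse:/bin/sh\n";
    struct v7_passwd pw;
    if (v7_parse_line(rec, &pw) == 0)
        printf("%s uid=%lu shell=%s\n", pw.name, pw.uid, pw.shell);
    return 0;
}
```

The returned pointers alias the caller's line buffer, so the buffer must outlive the struct.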