Subject: Re: integrating PAM
To: Dan Melomedman <>
From: Harry Waddell <>
List: current-users
Date: 01/22/2003 15:36:39
On Wed, 22 Jan 2003 18:03:37 -0500
Dan Melomedman <> wrote:

> Bill Studenmund wrote:
> > tokens, etc. Which is why we want to do PAM; you can layer BSD Auth
> > (with all of its functionality) on top of PAM while you can't layer all
> > of PAM on top of BSD Auth.
> Do most people need esoteric things like AFS tokens, or anything else
> which can't be done with PAM? Maybe the solution is to hack the special
> cases that PAM could do, separately from PAM, like AFS authentication.
> This way you don't impose features most people won't even need in the
> first place.

Your probably right about these things not being needed most of the time.
Unfortunately, the exceptions that come to mind, e.g. academia or
government, are the kind of users that may not use NetBSD because of these
"deficiencies". Based on my [and Bill's] past experience, these are also the
kind of places that occasionally fund/contribute substantial work on netbsd.
That said, this is probably more of a non-critical advocacy issue than a
technical one.

Harry Waddell
Caravan Electronic Publishing

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
  - Benjamin Franklin