Subject: Re: BSD Authentication
To: Peter Seebach <seebs@plethora.net>
From: Bill Studenmund <wrstuden@netbsd.org>
List: current-users
Date: 08/25/2003 18:43:51
On Mon, 25 Aug 2003, Peter Seebach wrote:

> In message <20030825225112.1797D82@coconut.itojun.org>, itojun@iijlab.net write
> s:
> >>1.  Does anyone have BSD Auth working on NetBSD?
> >>2.  Does anyone plan to?
> >>
> >>I'm interested in this, just because it's one of my favorite features ever.
> >>:)
> >
> >	every time i raise this question, i get attacked by pro-PAM people.
>
> Well, let's try another option.
>
> I want BSD auth.
>
> Does anyone have a strong objection to including it in the system?  I could
> write it from the spec in a day or two.

Maybe, maybe not.

The last time this came up, my recollection was that the concensus was
that we wanted both.

Since adding either one means tweaking nsswitch for auth add-ins, the idea
was to implement a loadable-module approach that would support both PAM
and BSD Auth. The point is to not make two different ways to hook into
nsswitch. Since we didn't know different, we thought you could make a PAM
module that would hook into BSD Auth servers.

Would a PAM module be able to supply full BSD Auth functionality?

The other question is how would user apps call into the "unified"
framework?

If you did something that went in that direction, it would be very
interesting. Obviously I'd expect you'd implement things in stages, and
that's how the final code'd work.

Take care,

Bill