Subject: Re: BSD Authentication
To: Peter Seebach <firstname.lastname@example.org>
From: Bill Studenmund <email@example.com>
Date: 08/26/2003 12:10:49
On Tue, 26 Aug 2003, Peter Seebach wrote:
> In message <Pine.NEB.firstname.lastname@example.org
> >So what is the exposed API used by BSD Auth?
Let me re-phrase that.
> A bunch of functions with names like auth_foo:
> auth_open, auth_call, auth_challenge, auth_check_change,
> auth_check_expire, auth_clean, auth_close, auth_clrenv, auth_clroption,
> auth_clroptions, auth_getitem auth_getstate, auth_getvalue,
> auth_set_va_list, auth_setdata, auth_setenv, auth_setitem auth_setoption,
> auth_setpwd, auth_setstate - interface to the BSD Authentication system
> auth_approval, auth_cat, auth_checknologin, auth_mkvalue,
> auth_userchallenge, auth_usercheck, auth_userokay, auth_userresponse,
> auth_verify - simplified interface to the BSD Authentication system
> These do just about everything. You almost never need the "full" interface,
> but it's there.
What parts do programs that are the clients (not the authenticators (my
Since the eventual goal is one system that does both, we will eventually
need a mapping from the BSD Auth API to what PAM modules can do, and a
mapping from what PAM users want to what BSD Auth authenticators can do.
Well, it will do as much of both as is reasonable. :-)