Subject: Re: BSD Authentication
To: Bill Studenmund <wrstuden@NetBSD.org>
From: John Nemeth <jnemeth@victoria.tc.ca>
List: current-users
Date: 08/28/2003 01:36:10
On Dec 11, 6:51am, Bill Studenmund wrote:
} On Mon, 25 Aug 2003, Peter Seebach wrote:
} > In message <20030825225112.1797D82@coconut.itojun.org>, itojun@iijlab.net write
} > s:
} > >>1. Does anyone have BSD Auth working on NetBSD?
} > >>2. Does anyone plan to?
} > >>
} > >>I'm interested in this, just because it's one of my favorite features ever.
} > >
} > > every time i raise this question, i get attacked by pro-PAM people.
} >
} > Well, let's try another option.
} >
} > I want BSD auth.
} >
} > Does anyone have a strong objection to including it in the system? I could
} > write it from the spec in a day or two.
}
} Maybe, maybe not.
}
} The last time this came up, my recollection was that the concensus was
} that we wanted both.
}
} Since adding either one means tweaking nsswitch for auth add-ins, the idea
} was to implement a loadable-module approach that would support both PAM
} and BSD Auth. The point is to not make two different ways to hook into
} nsswitch. Since we didn't know different, we thought you could make a PAM
PAM doesn't have anything to do with nsswitch. PAM only provides
authentication functions, it doesn't provide any way to get a "struct
passwd". Once you authenticate with PAM, you simply use getpwnam() to
get that. However, if you are doing remote authentication, then you
probably want a way to get passwd data remotely. Right now, the only
methods are NIS and Hesiod.
}-- End of excerpt from Bill Studenmund