Subject: Re: BSD Authentication
To: Simon J. Gerraty <sjg@crufty.net>
From: Bill Studenmund <wrstuden@netbsd.org>
List: current-users
Date: 09/06/2003 18:17:35
On Sat, 6 Sep 2003, Simon J. Gerraty wrote:

> Chuck Yerkes writes:
> >There.  Now who's up for coding the BSD Auth stuff and not
> >writing more mail??
>
> The issue isn't "coding BSD Auth".
> Its what do you put in apps like login, sshd, su etc.
> So that they can use BSD Auth OR PAM, without having to code the logic
> twice in each application for each API.
>
> An early proposal was to do a shim API, but that got shot down but the
> "I only want BSD Auth" gallery.
> Another option was do BSD Auth via PAM - also shot down by the
> "I only want BSD Auth" gallery.
> Another alternative may be to implement BSD Auth and PAM via nsswitch
> but I gather the "I only want BSD Auth" gallery won't like that either
> because they don't like nsswitch...

Not quite. They all got shot down because we realize that the APIs exposed
to the end apps are different enough that we realized that any shim or
nsswitch uper-API would really be the two APIs added together - they don't
overlap enough for that to work. :-(

> The only proposal that has been offered by the "I only want BSD Auth"
> gallery is "just do BSD Auth and I'll be happy", but of course that doesn't
> meet the needs of the project or anyone else.

Peter actually has been quite helpful in figuring out what we can and
can't do.

Take care,

Bill