Subject: Re: PAM enabled by default in packages that support it?
To: Todd Vierling <>
From: Johnny C. Lam <>
List: tech-pkg
Date: 04/25/2005 14:53:08
Todd Vierling wrote:
> On Mon, 25 Apr 2005, Johnny Lam wrote:
>> is meant to be included if you really want PAM.  If the
>>package can conditionally use PAM, then the package should be made to support
>>"PAM" in PKG_OPTIONS, and to include if it is there.  If
>>PAM_TYPE takes the value "none", then it causes package builds to fail by
> I didn't suggest setting PAM_TYPE to "none"; rather, I'm taking the
> perspective of other smoke-if-you've-got-'em bl3 files that *return* "none"
> if the desired feature is unavailable.  Think without
> the "require" option being set before inclusion.
> That way you can always include without
> OS-conditionalizing a crapload of packages, and conditionalize the package
> on the *return value* "none" to indicate no PAM is available and should be
> disabled in the package.
> There's no other sane way, as I see it, to turn on PAM by default --
> conditionalizing by OS in lots of package is just Wrong.

The point I was making is that if you include, and no 
PAM implementation is available, then it doesn't return a PAM_TYPE of 
"none" -- it causes the package to fail building via PKG_FAIL_REASON. 
If is included, then you actually want PAM -- you 
can't include and check whether PAM_TYPE is "none".

If you have a package that can be built with or without PAM, then it 
should be made to take "PAM" in PKG_OPTIONS, and allow the user to 
specify it either positively or negatively in /etc/mk.conf.  We can, of 
course, provide good defaults for particular operating systems, e.g. on 
Linux, FreeBSD, Solaris, or NetBSD>=2.0, default to 


	-- Johnny Lam <>