Subject: Re: login.conf for selecting password verification method (was Re: Kerberos is on by default?)
To: None <firstname.lastname@example.org>
From: Michael Richardson <email@example.com>
Date: 07/10/2000 13:09:12
>>>>> "Eduardo" == Eduardo Horvath <firstname.lastname@example.org> writes:
Eduardo> On 8 Jul 2000, Johan Danielsson wrote:
>> You stated that PAM doesn't add any functionality as long as you have
>> source to the OS. I said it did. It's not the only way to add that
>> functionality, but that's not the question either.
Eduardo> PAM requires dynamic linking. Not all ports support dynamic linking. We
Eduardo> cannot use PAM.
And on those ports that do support dynamic linking, a lot of us do not
want to use it. In fact, this is my number 1 reason to install NetBSD/i386
instead of Linux for a firewall or web server.
PAM *requires* dynamic linking. It simply does not support statically
linking-only on any system that I've seen. I *WANT* to rebuild from source.
I'd still like it to be as simple as possible, and having external programs
(a la login.conf) to me is the best way... and one can an external
authenticator that can load pam modules, so this can be a win-win situation.
:!mcr!: | Solidum Systems Corporation, http://www.solidum.com
Michael Richardson | ... somewhere in SFO airport ...
Personal: email@example.com. PGP key available.
Corporate: <A HREF="mailto:firstname.lastname@example.org">email@example.com</A>.