Subject: Re: setpwfile(3)
To: None <current-users@NetBSD.ORG>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: current-users
Date: 05/08/1997 12:23:04
> COMPATIBILITY
>      The historic function setpwfile(3), which allowed the specification of
>      alternative password databases, has been deprecated and is no longer
>      available.

> is there a deep technical reason why this is the case?  Or does this
> just relate to the use of /etc/master.passwd, and the DB versions of
> the password files?

I would guess the latter.  There certainly is no technical reason the
passwd routines couldn't just switch over into a read-flat-file mode if
setpwfile() has provided an alternative file.

However, there's not much benefit as compared to having a separate set
of routines to read V7-style flat-file databases.

> [does anyone have any opinion about the value of pursuing PAM-style
> authentication modules for NetBSD?  I know there is s/key in
> /bin/login already...]

Something like it should go in eventually, I'd say.  I've got a real
one-time password scheme set up ("real" meaning that the passwords are
not algorithmically related, unlike s/key and the stuff the OTP working
group is looking at).  Neither of them belongs in login; they belong in
separate modules, called upon by login at need.  (For that matter,
simple password authentication likewise.)

					der Mouse

			       mouse@rodents.montreal.qc.ca
		     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B