On Dec 23,  9:51am, Greywolf wrote:
} Thus spake Peter Seebach ("PS> ") sometime Today...
} 
} PS> So, we may end up wanting
} PS> 	#if defined(BSD_AUTH) && defined(PAM_AUTH)
} PS> 		/* nssswitch-style code */
} PS> 	#else if defined(BSD_AUTH)
} PS> 		/* call BSD auth */
} PS> 	#else if defined(PAM_AUTH)
} PS> 		/* call PAM */
} PS> 	#else
} PS> 		/* just grovel in spwd.db */
} PS> 	#endif
} PS>
} PS> Not because it's the cleanest, or the best, but because it's the best we can
} PS> do.
} 
} Surely one of (PAM_AUTH||BSD_AUTH) can handle the local lookup part as well?

     Either one could.

} ...or Did I Miss Something Here? [TM]

     You missed the, "PAM will never be on my systems!" and/or, "BSD
Auth will never be on my systems!" cases.  (Although, I don't recall
anybody saying the latter.)

} FWIW, maybe I don't know enough about PAM to have a clear reason as to
} "why not" -- as I mentioned, I've had bad experiences.  That only makes
} it "bad" from MY point of view, and unfortunately that's all I have
} to go on.

     Could you tell us about these bad experiences (just the facts) so
that we can avoid them and/or address them.

}-- End of excerpt from Greywolf