Gentoo Archives: gentoo-dev

From: "Diego \\\"Flameeyes\\\" Pettenò" <flameeyes@×××××××××××××.de>
To: gentoo-dev@××××××××××××.org
Subject: Re: [gentoo-dev] The Pluggable Hell - aka Linux-PAM and non-linux gentoos
Date: Mon, 28 Mar 2005 15:13:46
Message-Id: 200503281712.05363@enterprise.flameeyes.is-a-geek.org
In Reply to: Re: [gentoo-dev] The Pluggable Hell - aka Linux-PAM and non-linux gentoos by Luca Barbato
1 On Monday 28 March 2005 16:18, Luca Barbato wrote:
2 > Let's replace it or fix pam-stack to work on openpam.
3 Ok a bit of an update on this, as me and Luca talked about it on #gentoo-dev..
4 Removing pam_stack in favour of classical unix authentication can be
5 considered a regression, so we need an alternative.
6
7 Luca also found a mailing list message[1] of Dmitry V. Levin of AltLinux,
8 which refers to the include feature in openpam[2], and a patch to linux-pam
9 to support the same inclusion scheme.
10 That message also refers to debian way of thinking this pluggable hell, but I
11 don't know too much about it.
12
13 The solution could be of implementing pam_stack on openpam, and include on
14 linux-pam, to have them working flawlessy, but imho this is too much an
15 overhead, just implementing include on linux-pam and fixing the pam
16 configuration files to use it could be simpler.
17 I'll help as far as I can if this is needed, just I need a bit of time to see
18 exactly how this is used.
19
20 Still, i do think that having a virtual/pam is needed if we want to support
21 more than one pam implementation.
22
23 For who wants to take a look to pam internals, it's described by OpenGroup's
24 RFC 86.0 [3].
25
26 [1] http://archives.neohapsis.com/archives/pam-list/2003-09/0036.html
27 [2] http://sourceforge.net/project/shownotes.php?release_id=171575
28 [3] http://www.opengroup.org/tech/rfc/rfc86.0.html
29 --
30 Diego "Flameeyes" Pettenò
31 http://wwwstud.dsi.unive.it/~dpetteno/