Gentoo Archives: gentoo-dev

From: "Diego \\\"Flameeyes\\\" Pettenò" <flameeyes@×××××××××××××.de>
To: gentoo-dev@××××××××××××.org
Subject: Re: [gentoo-dev] The Pluggable Hell - aka Linux-PAM and non-linux gentoos
Date: Mon, 28 Mar 2005 15:13:46
In Reply to: Re: [gentoo-dev] The Pluggable Hell - aka Linux-PAM and non-linux gentoos by Luca Barbato
1 On Monday 28 March 2005 16:18, Luca Barbato wrote:
2 > Let's replace it or fix pam-stack to work on openpam.
3 Ok a bit of an update on this, as me and Luca talked about it on #gentoo-dev..
4 Removing pam_stack in favour of classical unix authentication can be
5 considered a regression, so we need an alternative.
7 Luca also found a mailing list message[1] of Dmitry V. Levin of AltLinux,
8 which refers to the include feature in openpam[2], and a patch to linux-pam
9 to support the same inclusion scheme.
10 That message also refers to debian way of thinking this pluggable hell, but I
11 don't know too much about it.
13 The solution could be of implementing pam_stack on openpam, and include on
14 linux-pam, to have them working flawlessy, but imho this is too much an
15 overhead, just implementing include on linux-pam and fixing the pam
16 configuration files to use it could be simpler.
17 I'll help as far as I can if this is needed, just I need a bit of time to see
18 exactly how this is used.
20 Still, i do think that having a virtual/pam is needed if we want to support
21 more than one pam implementation.
23 For who wants to take a look to pam internals, it's described by OpenGroup's
24 RFC 86.0 [3].
26 [1]
27 [2]
28 [3]
29 --
30 Diego "Flameeyes" Pettenò