On Sat, May 22, 1999 at 05:56:32PM -0400, Adam Di Carlo wrote: > >>>>> "BenC" == Ben Collins <[EMAIL PROTECTED]> writes: > > BenC> This is just a little reminder concerning PAMification of > BenC> potato. I want to urge all maintainers who's programs do any > BenC> sort of authentication or account management to seek PAM patches > BenC> (or just enabling PAM if the program already supports it). > > I fully agree. I suggest that someone file Important bugs on *core* > non-compliant packages. By core, I mean stuff like useradd, adduser, > login, telnet, ftp, etc. The 2nd tier, which maybe is unrealistic for > potato, is that all daemons include PAM support, that is, pop server, > sshd, etc.
useradd and adduser (and similar tools) are shadow centric and don't need (or can't really be made) to support PAM. For instance they don't support NIS directly, nor LDAPns. > Does PAM support also affect web servers? Can someone talk to us > about this aspect? There is a libapache-mod-pam, which enables apache auth using PAM modules, already packaged. It has some drawbacks due to permissions (apache runs as www-data so it cannot access /etc/shadow). This can't be avoided however. -- ----- -- - -------- --------- ---- ------- ----- - - --- -------- Ben Collins <[EMAIL PROTECTED]> Debian GNU/Linux OpenLDAP Dev - [EMAIL PROTECTED] The Choice of the GNU Generation ------ -- ----- - - ------- ------- -- ---- - -------- - --- ---- - --
