Is Kerberos 5 the only non-dummy PAM implementation of the
pam_sm_chauthtok method (password changing/management)?
I've been looking (and grepping) through the source of the PAM
modules in 4.8 and 4.9, to check how I should interface to a chauthtok
method. Not just the ones built and installed on the system, from
/usr/src/lib/libpam, but the whole Linux PAM directory in
/usr/src/contrib/libpam.
Can it really be that pam_krb5 is the *only* PAM module supplied
which implements a working password change function? I see three dummy
versions (tacacs+ and the contrib pam_permit and pam_warn) and that
seems to be it.
/usr/bin/passwd will be a real pain to use for a Web GUI as it
requires a pty, which means extensive "coding around it" to fake one up
for it a la poppassd. I thought PAM was going to solve this for me,
because of the "password management" function designed in... only it
appears so far that no PAM method which implements local password
changing actually exists on FreeBSD. What a mess.
(Yeah, I know, I know - stop grumbling, code one, and contribute it.)
-- Clifton
--
Clifton Royston -- [EMAIL PROTECTED]
Tiki Technologies Lead Programmer/Software Architect
Did you ever fly a kite in bed? Did you ever walk with ten cats on your head?
Did you ever milk this kind of cow? Well we can do it. We know how.
If you never did, you should. These things are fun, and fun is good.
-- Dr. Seuss
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
