[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PAM support? (Was: [sysvinit] Re: ?New sysvinit version 2.89dsf?)

From: Petter Reinholdtsen
Subject: Re: PAM support? (Was: [sysvinit] Re: ?New sysvinit version 2.89dsf?)
Date: Sun, 4 Apr 2010 13:10:55 +0200
User-agent: Mutt/

[Werner Fink]
>> IMHO we should not use PAM in sulogin without any fallback
>> otherwise we'd run into trouble in case of having en error in the
>> PAM configuration.

I agree.

> I've just removed the PAM initial session code as sulogin does not
> use any pam_conv() function but its own password conversation
> function.  As sulogin uses getpwnam(3) it is able to handle DES,
> MD5, SHA, and even Blowfish encrypted passwords (just tested).  For
> the case of a failing getpwnam() I've extended the valid() function
> to be able to handle not only DES and MD5 but also SHA and Blowfish
> encrypted passwords.

Very good.

> Attached I've a patch which uses PAM to update the lastlog file in
> case of a dead PAM user session.  Should we apply this one?

Right now, I believe we should wrap up what we got and make a new
release, and look at the PAM stuff for the next release.

I have not yet had time to wrap my head around why PAM is useful in
init, and thus do not really have an opinion.  If you believe it is
useful, and the Solaris version already got it, that is two good
arguments for including it.  But not now, lets do that in the next
release. :)

Happy hacking,
Petter Reinholdtsen

reply via email to

[Prev in Thread] Current Thread [Next in Thread]