[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Devel] Re: Transition: new PAM config file handling in unstable
[Steve Langasek]
> I'm fairly certain that neither Sam nor I would have the time to
> work on this piece ourselves before sarge's release, but if you're
> able to prepare a suitable tool for managing authentication choices,
> it's possible it could still be considered for inclusion in sarge.
It will need to be designed first, so we better get started. :)
As I see it, there are at least these issues here:
- setting in NSS selection order (/etc/nsswitch.conf)
- setting up PAM selection order (/etc/pam.d/*)
- setting in the module specific config (like /etc/pam_ldap.conf,
/etc/libnss-ldap.conf and /etc/yp.conf).
I am not sure if this is enough, and how much flexibility the system
should provide. Should the user just select files, NIS, LDAP,
Kerberos, SMB, and this will enable a fixed configuration, or should
the user be able combine at will, and a reasonable configuration be
generated? I believe the first option is most useful to new users and
first time installs.
Skolelinux can provide a set of working configuration files for LDAP.