From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.gentoo.org (smtp.gentoo.org [134.68.220.30]) by robin.gentoo.org (8.13.3/8.13.3) with ESMTP id j2SFDkxi019360 for ; Mon, 28 Mar 2005 15:13:46 GMT Received: from relay5.poste.it ([62.241.4.67]) by smtp.gentoo.org with esmtp (Exim 4.43) id 1DFvw0-0005jo-Kq for gentoo-dev@robin.gentoo.org; Mon, 28 Mar 2005 15:13:44 +0000 Received: from flameeyes.is-a-geek.org (151.44.29.3) by relay5.poste.it (7.2.052.3) (authenticated as emanuela.zanon@poste.it) id 4210C2140011DB76 for gentoo-dev@gentoo.org; Mon, 28 Mar 2005 17:13:45 +0200 From: "Diego \"Flameeyes\" =?iso-8859-15?q?Petten=F2?=" To: gentoo-dev@robin.gentoo.org Subject: Re: [gentoo-dev] The Pluggable Hell - aka Linux-PAM and non-linux gentoos Date: Mon, 28 Mar 2005 17:11:59 +0200 User-Agent: KMail/1.8 References: <200503281546.35898@enterprise.flameeyes.is-a-geek.org> <42481248.5050206@gentoo.org> In-Reply-To: <42481248.5050206@gentoo.org> Precedence: bulk List-Post: , , List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Reply-To: gentoo-dev@gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart1468256.k6fP1GpFIl"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200503281712.05363@enterprise.flameeyes.is-a-geek.org> X-Archives-Salt: 8cc356f2-ee42-45d1-9ba9-a8795907c13f X-Archives-Hash: 8cd14393f6aacc4676d293a486c3bf1d --nextPart1468256.k6fP1GpFIl Content-Type: text/plain; charset="iso-8859-15" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Monday 28 March 2005 16:18, Luca Barbato wrote: > Let's replace it or fix pam-stack to work on openpam. Ok a bit of an update on this, as me and Luca talked about it on #gentoo-de= v.. Removing pam_stack in favour of classical unix authentication can be=20 considered a regression, so we need an alternative. Luca also found a mailing list message[1] of Dmitry V. Levin of AltLinux,=20 which refers to the include feature in openpam[2], and a patch to linux-pam= =20 to support the same inclusion scheme. That message also refers to debian way of thinking this pluggable hell, but= I=20 don't know too much about it. The solution could be of implementing pam_stack on openpam, and include on= =20 linux-pam, to have them working flawlessy, but imho this is too much an=20 overhead, just implementing include on linux-pam and fixing the pam=20 configuration files to use it could be simpler. I'll help as far as I can if this is needed, just I need a bit of time to s= ee=20 exactly how this is used. Still, i do think that having a virtual/pam is needed if we want to support= =20 more than one pam implementation. =46or who wants to take a look to pam internals, it's described by OpenGrou= p's=20 RFC 86.0 [3]. [1] http://archives.neohapsis.com/archives/pam-list/2003-09/0036.html [2] http://sourceforge.net/project/shownotes.php?release_id=3D171575 [3] http://www.opengroup.org/tech/rfc/rfc86.0.html =2D-=20 Diego "Flameeyes" Petten=F2 http://wwwstud.dsi.unive.it/~dpetteno/ --nextPart1468256.k6fP1GpFIl Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQBCSB7Fe2h1+2mHVWMRAh2IAKD2+kJQA3mvgvFiIXLOxiFZcR71EQCeL7x4 8mhgLUZbkXxluyx2M6iK/MU= =PRn4 -----END PGP SIGNATURE----- --nextPart1468256.k6fP1GpFIl-- -- gentoo-dev@gentoo.org mailing list