[Pkg-shadow-devel] {user,group}{add,mod,del} now PAMified
Nicolas François
nicolas.francois at centraliens.net
Mon Nov 7 00:21:43 UTC 2005
Hello,
This is related to the discussion on #shadow.
(I've read the backlog of last Friday).
Here are some reasons I can see for the PAMification of
{user,group}{add,mod,del} (and also others: chage chfn chsh newusers).
These reasons are not really strong, and if there is a stronger reason for
reverting this, we can revert.
(I also add reasons to minimize these points)
* I think upstream uses the PAMified version of the shadow utilities. So
this code path is probably more maintained.
(There is of course no problem in maintaining the "#ifndef USE_PAM"
code path, and I'm sure Tomasz (upstream) will gladly accept patches)
* There is (or may be) a problem with the build system with the mix of
PAMified and non-PAMified utilities: Some functions of the lib or
libmisc directories difer when USE_PAM is set, and thus just adding
#udef USE_PAM at the top of the non-PAMified utilities is not optimal
(we can of course build twice and pick up the utilities we want from
the non-PAMified build)
* The number of /etc/login.defs variables was reduced.
(All these points should be verified)
Steve, I'm not sure why you wish to revert to the non-PAMified versions.
If the reason is the number of /etc/pam.d files, we could merge some of
them, and use a "shadow-utils" service (the {user,group}{add,mod,del},
chage, chfn, chsh, and newusers PAM service files are identical).
Kind Regards,
--
Nekral
More information about the Pkg-shadow-devel
mailing list