From owner-freebsd-current@FreeBSD.ORG  Sat Nov 29 05:01:05 2003
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id AD0CA16A4CE; Sat, 29 Nov 2003 05:01:05 -0800 (PST)
Received: from mail.dt.e-technik.uni-dortmund.de
	(mail.dt.E-Technik.Uni-Dortmund.DE [129.217.163.1])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 7A0AB43FAF; Sat, 29 Nov 2003 05:01:04 -0800 (PST)
	(envelope-from ma@dt.e-technik.uni-dortmund.de)
Received: from m2a2.dyndns.org (krusty.dt.e-technik.uni-dortmund.de
	[129.217.163.1])A7D3915D65;	Sat, 29 Nov 2003 14:01:03 +0100 (CET)
Received: by merlin.emma.line.org (Postfix, from userid 500)
	id 7958496FDB; Sat, 29 Nov 2003 14:01:02 +0100 (CET)
To: "Jacques A. Vidrine" <nectar@FreeBSD.org>
In-Reply-To: <20031126130402.GB57523@madman.celabo.org> (Jacques A.
 Vidrine's message of "Wed, 26 Nov 2003 07:04:02 -0600")
References: <20031125025621.453732A8FC@canning.wemm.org>
	<200311250311.hAP3BTCO075916@apollo.backplane.com>
	<20031125150700.GA48007@madman.celabo.org>
	<20031125201421.GB54467@madman.celabo.org>
	<200311252039.hAPKdBfq080963@apollo.backplane.com>
	<m37k1ox7tz.fsf_-_@merlin.emma.line.org>
	<20031126130402.GB57523@madman.celabo.org>
From: Matthias Andree <ma@dt.e-technik.uni-dortmund.de>
Date: Sat, 29 Nov 2003 14:01:02 +0100
Message-ID: <m3vfp31g8h.fsf@merlin.emma.line.org>
User-Agent: Gnus/5.1003 (Gnus v5.10.3) Emacs/21.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
cc: freebsd-current@freebsd.org
cc: Matthias Andree <ma@dt.e-technik.uni-dortmund.de>
Subject: Re: NSS and PAM, dynamic vs. static
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 29 Nov 2003 13:01:05 -0000

"Jacques A. Vidrine" <nectar@FreeBSD.org> writes:

> On Wed, Nov 26, 2003 at 02:00:08AM +0100, Matthias Andree wrote:
>> Matthew Dillon <dillon@apollo.backplane.com> writes:
>> 
>> >     How much do you intend to use NSS for?  I mean, what's the point of
>> >     adopting this cool infrastructure if all you are going to do with it
>> >     is make a better PAM out of it?
>> 
>> The important thing is that NSS allows to plug modules such as LDAP or
>> PostgreSQL for user base management. PAM is only halfway there and
>> doesn't give libc et al. a notion of a user or group context (in spite
>> of its "account" context), NSS does. One might discuss if PAM is really
>> needed with NSS in place, but it's hard to think of a system without
>> NSS and removing PAM now doesn't look right.
>
> NSS and PAM do not overlap.

I wonder how PAM gets "system" authentication information for pam_pwdb
or pam_unix or how it's called today and on the pertinent system if not
through NSS. Reimplementation of these "passwd/shadow/whatever"
mechanisms?

-- 
Matthias Andree

Encrypt your mail: my GnuPG key ID is 0x052E7D95