Date: Sat, 8 Jan 2000 16:43:13 -0500 (EST) From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.Org> Cc: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>, freebsd-current@freebsd.org Subject: Re: PAM'ized su(1) Message-ID: <200001082143.QAA52528@khavrinen.lcs.mit.edu> In-Reply-To: <3.0.5.32.20000108124258.0093bb90@localhost> References: <3.0.5.32.20000108112936.0095f440@localhost> <200001081932.OAA52181@khavrinen.lcs.mit.edu> <3.0.5.32.20000108124258.0093bb90@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Sat, 08 Jan 2000 12:42:58 -0800, "Kurt D. Zeilenga" <Kurt@OpenLDAP.Org> said: > can go away. WHEELSU can (and should) be provided by > pam_wheel. wollman@khavrinen(2996)$ ls /usr/lib/pam_*.so /usr/lib/pam_cleartext_pass_ok.so /usr/lib/pam_radius.so /usr/lib/pam_deny.so /usr/lib/pam_skey.so /usr/lib/pam_kerberosIV.so /usr/lib/pam_tacplus.so /usr/lib/pam_permit.so /usr/lib/pam_unix.so Hmmm. I don't see any such module. Or are you proposing to write one? (I'm clearly misunderstanding some fundamental part of PAM, since I don't see how, based on our current usage, anything like the proper `su' behavior for WHEELSU and Kerberos can be provided -- unless you provide all the N*M combination of modules required.) -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200001082143.QAA52528>