Pluggable Authentication Modules
Slackware doesn't use PAM, Zenwalk uses PAM. What are the advantages/disadvantages of PAM? Do we want to use it? AFAIK every modern distribution uses it but I have no idea why?
PAM
Re: PAM
Using PAM allows you to use things like fingerprint readers and webcam facial recognition as login credentials through a plugin system. That's all I've ever used it for, anyway, perhaps it does other stuff too. It's certainly no big deal if we don't have PAM though, I never used those gimmicky login devices for more than just fun purposes.
Re: PAM
That's why I type in my password plain.
If there a no real arguments for PAM, I don't see why we should add it because my impression was also that it's just complicating things (e.g. autologin you get that lastlogin message).
If there a no real arguments for PAM, I don't see why we should add it because my impression was also that it's just complicating things (e.g. autologin you get that lastlogin message).
Re: PAM
As I understood it PAM allows for more fine-grained control. I have noticed the slowdown too; I didn't know PAM was responsible for that.gapan wrote:And I don't know if you've noticed, but if you have pam, the password prompt after issuing "su" takes a while to show up, but without pam it's instant.
As for fingerprint readers - they're crap and give a false sense of security. You don't need high tech gear to duplicate fingerprints (as the German C't magazine once tested).
Re: PAM
In that case, I vote a thousand times against including PAM. That little delay doesn't seem like much, but I su a lot, and the delay really gets to me.gapan wrote:It's simpler without pam! And I don't know if you've noticed, but if you have pam, the password prompt after issuing "su" takes a while to show up, but without pam it's instant.
Re: PAM
I think it certainly merits an in-depth study JRD . Excellent point.
This is what Red Hat lists as its advantages:
This is what Red Hat lists as its advantages:
* It provides a common authentication scheme that can be used with a wide variety of applications.
* t allows great flexibility and control over authentication for both the system administrator and application developer.
* t allows application developers to develop their program without implementing a particular authentication scheme. Instead, they can focus purely on the details of their program.
Re: PAM
Thanks B.
It's a bit blurred (with no example) but it's a start.
I know that xscreeensaver can use it. I personaly recompiled it with pam to have a good authentification mecanism (I have problems without it) and with others option. It's the only example I know.
It's a bit blurred (with no example) but it's a start.
I know that xscreeensaver can use it. I personaly recompiled it with pam to have a good authentification mecanism (I have problems without it) and with others option. It's the only example I know.