[Ask OBSDJ] OpenBSD and PAM?

Contributed by Dengue on 2002-03-01 from the pam-v-bsd-auth dept.

ROR writes :

"Hi OpenBSD community!
There were many discussions on this subject recently, but I still can't find an answer. So, why doesn't OpenBSD have PAM support, since FreeBSD, Linux and Solaris already do? What's the simplest & safest way to enable it on OpenBSD? I obviously need it for native LDAP (+Kerberos for really paranoid folks:))) authentication (Postfix, Courier, Samba etc).
WBR, ROR"

Sounds to me like an login_ldap module is needed for BSD style authentication. Which is the direction OpenBSD is heading instead of PAM. Is anyone interested in trying to code such a beasty?

(Comments are closed)

Comments

By jose nazario () jose@crimelabs.net on 2002-03-03 15:32 mailto:jose@crimelabs.net

PAM is a pretty ugly set of hacks, frankly, and the Linux implementation is actually quite gross. dugsong did a port of it about a year and a half ago and posted his efforts (he needed to for some smartcard stuff ISTR). i haven't tested it, though. this comes up every now and then and has been pretty cleanly answered. the best place to start would be misc@ and maybe tech@.

however, openbsd has BSD Auth, which itself is quite flexible and standard.

if you really want PAM, consider reading the docs and freshly (and cleanly and correctly) implementing it.
By panda () panda@epita.fr on 2002-03-04 09:29 mailto:panda@epita.fr

actually i am currently implementing login_ldap,
which is really easy, but the problem i encounter
is being able to retrieve the list of users in /etc/passwd, like nis does with the + line.
if anybody knows how to go around doing that...

Latest Articles

Wed, Apr 10
- 18:50 OpenSMTPD 7.5.0p0 Released (2)
Tue, Apr 09
- 04:49 20 years since "and we're just starting": undeadly.org turns 20 (2024-04-09) (12)
Fri, Apr 05
- 06:16 OpenBSD 7.5 released (2)
Thu, Mar 28
- 18:18 LibreSSL 3.8.4 and 3.9.1 released (0)
Tue, Mar 12
- 06:53 OpenSSH 9.7/9.7p1 released! (0)
Mon, Mar 11
- 11:28 Game of Trees 0.97 released (0)
Sun, Mar 10
- 09:06 LibreSSL versions 3.8.3 and 3.9.0 released (0)
Fri, Mar 08
- 06:46 OpenBGPD 8.4 released (0)
Mon, Mar 04
- 06:32 rpki-client 9.0 released (0)

Credits

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]