[from a message by Bruce Dubbs to BLFS-Book]

> BLFS Trac wrote:
>
>>#1784: Shadow-4.0.15 (will update when LFS moves to this version)
>>----------------------------------------+-----------------------------------
>> Reporter:  [EMAIL PROTECTED]  |        Owner:  [EMAIL PROTECTED]
>>     Type:  defect                      |       Status:  assigned
>> Priority:  normal                      |    Milestone:  6.2
>>Component:  BOOK                        |      Version:  a-SVN
>> Severity:  normal                      |   Resolution:
>> Keywords:  Shadow                      |
>>----------------------------------------+-----------------------------------
>>Comment (by [EMAIL PROTECTED]):
>>
>> Come on, Randy.  This conversation has been had before.  Not everyone
>> wants Cracklib installed, including me.  I see it as a completely separate
>> issue than PAM.
>
> Replying outside of Trac...
>
> Dan,
>   I agree with Randy about the philosophy of installing Cracklib. I'm
> curious why you would want PAM and not use it.
>
>   As an aside, I don't like PAM at all on my personal systems where I am
> the only user.  It complicates things  and doesn't add enough in that
> situation to justify the effort.

I'm moving a conversation taking place over in -BOOK to here as it now
seems to be something to discuss with a wider user-base. The issue is
that I mentioned to Dan that his concern about the non-Cracklib
installation (where it could be broken) in the Linux-Pam instructions
was not of great focus as Cracklib is a *recommended* dependency of
Linux-PAM.

I suppose the question at hand is should CrackLib be recommended?

There has been a couple folks wonder why one would want to install
Pam, but not CrackLib, on a system. So far, the only answers given
don't touch on the the question of why, but instead simply mention
that one has nothing to do with the other.

I believe everyone will agree that Linux-Pam works without CrackLib,
and CrackLib works without Linux-PAM. However, because there really
is some similarity in functionality (they do much the same thing, one
provides security by means of controlling access to applications,the
other by means of controlling access to the system), I suppose it
has been thought that if one wanted one (Linux-PAM), they would want
the other (CrackLib) as well.

However, that may not be the case, so I'm opening up the question of
should CrackLib be a recommended dependency of Linux-PAM to floor
discussion. Any and all comments are welcome.

-- 
Randy

rmlscsi: [GNU ld version 2.15.94.0.2 20041220] [gcc (GCC) 3.4.3]
[GNU C Library stable release version 2.3.4] [Linux 2.6.10 i686]
14:12:00 up 2 days, 19:28, 5 users, load average: 0.27, 0.17, 0.06
-- 
http://linuxfromscratch.org/mailman/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Reply via email to