Ken Moffat wrote: > On Mon, Jan 09, 2012 at 04:28:48PM -0800, Fernando de Oliveira wrote: >> I do care about security, so I should be worried abou that? Anyway, I will >> remove PAM (after your and Bruce's comments). >> > I can't resist misquoting Paul Vixie - if I can persuade you to > remove PAM, perhaps you have a problem :) For secure distros, PAM > seems to be a common feature. *My* problem with it is that I don't > think it will do much for me (one human user on all my systems) > and I believe it has the power to seriously hinder me if I don't > take the time to learn how to configure it.
Oh, I know how to configure it. I can keep it out of the way easily enough with putting pam_allow.so everywhere. However, it doesn't really provide much when I am the only one who can touch the system (physically or network). >>> And for --disable-nis : if you don't intend to use nis the >>> result >>> is positive : you can compile the package with current >>> glibc. >> Ok, I do not intend to have a nis server. My doubt was if other packages, like ssh, apache-ant or rsync would need it. Please, notice that I have no knowledge about the subject, so probably I will not need it. >> > NIS is (perhaps) about 'single sign-on' : > http://en.wikipedia.org/wiki/Network_Information_Service > And, if you *do* want that with current glibc, I can't help. nis and nis+ were written a long time ago by Sun. The modern alternative is ldap. nis really is only useful in a legacy environment. -- Bruce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
