Hi, On Wed, Apr 20, 2022 at 04:26:02PM -0400, Boyuan Yang wrote: > Before any discussion takes place, I would like to point out a previous > attempt of Fedora trying to get rid of NIS/NIS+ back in 2021. Please check out > the LWN article at https://lwn.net/Articles/874174/ , which would definitely > be helpful for the condition in Debian.
That discussion seems to be about removing NIS/NIS+ support from the entire distribution. This thread is about removing NIS support from PAM. That's an important distinction, because in practice, NIS/NIS+ support mostly means the NSS modules, and the tools/servers in the case of NIS. Dropping NIS support from PAM would mean losing only the ability to change the passwords of users coming from NIS. It would not affect user lookups, and password change would still be possible using yppasswd. There does not even seem to be any NIS+ support in PAM - nothing seems to include <rpcsvc/nis.h>. Personlly, I think bundling NIS password changing capability in pam_unix was a design mistake. It should always have been a distinct module. Regards, Gabor