[EMAIL PROTECTED] (Gregory S. Stark) writes: > I asked once earlier, but no one responded: > Does anyone know how PAM modules should be packaged?
You can look at Red Hat for examples. > Where should they be installed? Is there some way to register them, or some > script to run to offer the sysadmin the option of making the new module the > global default? Personally I think PAM modules are one of the big missing > links for Unix system and no distribution would be complete without a solid > architecture for dealing with them. We have ppp-pam and pam packages, but how > does packaging further modules work? > Kerberos won't be properly supported until there's a PAM module for it > packaged. There are a couple around, but I have no idea how to package them. > I don't even know how PAM is configured and I don't use it here at all. PAM modules go in /lib/security. Programs are configured to use these modules by editing configuration files in /etc/pam.d/. There is one file for each client program. These files should be included with the respective client programs. (On Solaris, all programs are controlled from one file: /etc/pam.conf.) A package for a kerberos module would contain the module in /lib/security, whatever configuration files the module needs in /etc (like server name, etc), and perhaps a script in /usr/sbin that adds kerberos to the existing /etc/pam.d/* files. A longer term goal would be a gtk or newt based program that lets the user configure security without editting /etc/pam.d/* files directly. Steve [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]