Hi,
On pe, 01 loka 2021, Björn 'besser82' Esser wrote:
Hello,
I'm currently doing some experiments with replacing the - upstream
mostly unmaintained - pam_unix module (authentication with user passwd)
with something using less bloated and cleaner code. This topic is
currently also discussed with the upstream maintainer of pam_unix.
Replacing parts of a software for the sake of less complexity usually
comes with a cut-down of features; in this particular case it would be
dropping support for NIS(+), which has already been abandoned by its
initial developer SUN / Oracle for about 10 years [1].
Before starting some more concrete plans, I'd like to get some feedback
from the Fedora community how they feel about removing NIS(+) support in
PAM. Is it even still actively used anywhere and/or by anyone in the
Fedora universe?
I am maintaining slapi-nis, the server side of NIS implementation on top
of FreeIPA. I also maintain libnsl2 in RHEL 9.
In RHEL 9 we removed client side of NIS(+) support from the
distribution. Server side emulation in FreeIPA is still available
because we have to be able to provide interoperability with non-Linux
clients.
The only reasonable use of NIS(+) beyond that is within computing farms.
NIS is very lightweight in terms of network traffic and an overhead for
a single request compared to LDAP-based solutions (SSSD). This is the
only reason we kept NIS support available for quite some time in
FreeIPA. But we are considering to remove it completely in future as
well.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
