Gary Winiger wrote: > > My personal recommendation: Develop a pam_pkinit (or similarly named) module > with a separate man page. Have that man page describe the interactions > between pam_pkinit and pam_krb5. > > Thanks for the extra time, > Gary..
Will F is on vacation for a bit longer. I believe the main reason he did not want to create a new module was that it would result in an almost identical body of code. Perhaps the existing pam_krb5 tree can be refactored or the build process could be modified so that the 2 modules (should he choose to take your advice) share a common body of code except for the places where the logic differs for standard krb5 vs pkinit. -Wyllys
