Todd Underwood wrote: > i guess it depends upon what you mean by flexibility. you're right, the > mailalternateaddress functionality of qmail-ldap is nice. on the other > hand, the fact that i get configurability of various kinds of > authentication and authorization for *all* system services out of PAM is > also nice.
Not all system services may be written to support PAM. Also PAM and NSS are confused often. PAM means the pamified service is linked to the PAM library, and is using the PAM API. NSS is a different story. > so you don't have data on the performance of LDAP authentications against > PAM. too bad. i was hoping to see some. anyway, we'll throw out the > "faster" claim that you made about qmail-ldap until we see those data. I don't, since I could really care less. I know I'll have less headaches if I don't use PAM in the first place. > the additional amount of code needed to support PAM on a system that comes > bundled with it is 0. the additional amount of code needed to support > LDAP in qmail in >0. Not with qmail. Qmail would need to be patched to support PAM. If you mean NSS, then I agree. > people who are already using systems that are pamified and primarily want > qmail-ldap for user authentication/authorization should use PAM. people > who don't meet those two criteria shouldn't. Where's the qmail-pam patch?
