Re: Linux-PAM and Bekkeley DB
On 30/10/11 09:43, Jeremy Huntwork wrote: > On Oct 29, 2011, at 5:52 PM, Wayne Blaszczyk wrote: > >> The Linux-PAM build fails for me, most likely due to the Bekkeley DB >> upgrade to 5.2.26. >> I get the following error: >> >> .libs/pam_userdb.o: In function `user_lookup': >> /sources/Linux-PAM-1.1.3/modules/pam_userdb/pam_userdb.c:159: undefined >> reference to `__db_ndbm_open' > > > Try building db with --enable-dbm. > > JH > Thanks, that worked. As mentioned by DJ in the previous post, I think this should be included in the standard build. Regards, Wayne. -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: Linux-PAM and Bekkeley DB
Wayne Blaszczyk wrote: > On 30/10/11 09:43, Jeremy Huntwork wrote: >> On Oct 29, 2011, at 5:52 PM, Wayne Blaszczyk wrote: >> >>> The Linux-PAM build fails for me, most likely due to the Bekkeley DB >>> upgrade to 5.2.26. >>> I get the following error: >>> >>> .libs/pam_userdb.o: In function `user_lookup': >>> /sources/Linux-PAM-1.1.3/modules/pam_userdb/pam_userdb.c:159: undefined >>> reference to `__db_ndbm_open' >> >> Try building db with --enable-dbm. > Thanks, that worked. As mentioned by DJ in the previous post, I think > this should be included in the standard build. I don't generally use PAM, so I don't mind any changes to it. I'm curious though. What do others get from PAM? I don't see any advantages over plain shadow for a direct terminal or ssh login unless you have a lot of different users trying to login and you are trying to control that via ldap. For me where there are only a very few users, e.g. 3 on a server, PAM just gets in the way. I feel the same way about tcpwrappers and xinetd. -- Bruce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: Linux-PAM and Bekkeley DB
On Sun, 30 Oct 2011 12:02:53 -0500 Bruce Dubbs wrote: > Wayne Blaszczyk wrote: > > On 30/10/11 09:43, Jeremy Huntwork wrote: > >> Try building db with --enable-dbm. > > > Thanks, that worked. As mentioned by DJ in the previous post, I think > > this should be included in the standard build. > > I don't generally use PAM, so I don't mind any changes to it. I think Wayne was actually suggesting a change to the way berkeley-db is installed > I'm curious though. What do others get from PAM? Personally I install PAM so I can use pam_faildelay.so with ssh to set an arbitrary amount of time between login attempts. Brute force attacks are not practical if the script has to wait 2 minutes for each password it tries. Andy -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: Linux-PAM and Bekkeley DB
> I don't generally use PAM, so I don't mind any changes to it. I'm > curious though. What do others get from PAM? I don't see any > advantages over plain shadow for a direct terminal or ssh login unless > you have a lot of different users trying to login and you are trying to > control that via ldap. > > For me where there are only a very few users, e.g. 3 on a server, PAM > just gets in the way. > > I feel the same way about tcpwrappers and xinetd. > >-- Bruce I only install it due to some required dependency, gnome-screensaver I think. If it wasn't for that, I wouldn't install it myself either. Wayne. -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: Linux-PAM and Bekkeley DB
On 10/30/2011 12:02 PM, Bruce Dubbs wrote: > Wayne Blaszczyk wrote: >> On 30/10/11 09:43, Jeremy Huntwork wrote: >>> On Oct 29, 2011, at 5:52 PM, Wayne Blaszczyk wrote: >>> The Linux-PAM build fails for me, most likely due to the Bekkeley DB upgrade to 5.2.26. I get the following error: .libs/pam_userdb.o: In function `user_lookup': /sources/Linux-PAM-1.1.3/modules/pam_userdb/pam_userdb.c:159: undefined reference to `__db_ndbm_open' >>> Try building db with --enable-dbm. >> Thanks, that worked. As mentioned by DJ in the previous post, I think >> this should be included in the standard build. > I don't generally use PAM, so I don't mind any changes to it. I'm > curious though. What do others get from PAM? I don't see any > advantages over plain shadow for a direct terminal or ssh login unless > you have a lot of different users trying to login and you are trying to > control that via ldap. > > For me where there are only a very few users, e.g. 3 on a server, PAM > just gets in the way. > > I feel the same way about tcpwrappers and xinetd. > > -- Bruce Were you wanting to remove it from the book? -- DJ Lucas -- This message has been scanned for viruses and dangerous content, and is believed to be clean. -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: Linux-PAM and Bekkeley DB
DJ Lucas wrote: > On 10/30/2011 12:02 PM, Bruce Dubbs wrote: >> Wayne Blaszczyk wrote: >>> On 30/10/11 09:43, Jeremy Huntwork wrote: On Oct 29, 2011, at 5:52 PM, Wayne Blaszczyk wrote: > The Linux-PAM build fails for me, most likely due to the Bekkeley DB > upgrade to 5.2.26. > I get the following error: > > .libs/pam_userdb.o: In function `user_lookup': > /sources/Linux-PAM-1.1.3/modules/pam_userdb/pam_userdb.c:159: undefined > reference to `__db_ndbm_open' Try building db with --enable-dbm. >>> Thanks, that worked. As mentioned by DJ in the previous post, I think >>> this should be included in the standard build. >> I don't generally use PAM, so I don't mind any changes to it. I'm >> curious though. What do others get from PAM? I don't see any >> advantages over plain shadow for a direct terminal or ssh login unless >> you have a lot of different users trying to login and you are trying to >> control that via ldap. >> >> For me where there are only a very few users, e.g. 3 on a server, PAM >> just gets in the way. >> >> I feel the same way about tcpwrappers and xinetd. > Were you wanting to remove it from the book? No. I can see where all those could be useful to some users. I was just stating an opinion about when those packages are useful. -- Bruce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page