Re: [RFC] Remove supoort for NIS(+) from PAM

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

On pe, 01 loka 2021, Björn 'besser82' Esser wrote:

Hello,

I'm currently doing some experiments with replacing the - upstream
mostly unmaintained - pam_unix module (authentication with user passwd)
with something using less bloated and cleaner code.  This topic is
currently also discussed with the upstream maintainer of pam_unix.

Replacing parts of a software for the sake of less complexity usually
comes with a cut-down of features; in this particular case it would be
dropping support for NIS(+), which has already been abandoned by its
initial developer SUN / Oracle for about 10 years [1].

Before starting some more concrete plans, I'd like to get some feedback
from the Fedora community how they feel about removing NIS(+) support in
PAM.  Is it even still actively used anywhere and/or by anyone in the
Fedora universe?


I am maintaining slapi-nis, the server side of NIS implementation on top
of FreeIPA. I also maintain libnsl2 in RHEL 9.

In RHEL 9 we removed client side of NIS(+) support from the
distribution. Server side emulation in FreeIPA is still available
because we have to be able to provide interoperability with non-Linux
clients.

The only reasonable use of NIS(+) beyond that is within computing farms.
NIS is very lightweight in terms of network traffic and an overhead for
a single request compared to LDAP-based solutions (SSSD). This is the
only reason we kept NIS support available for quite some time in
FreeIPA. But we are considering to remove it completely in future as
well.



--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux