On Thu, Feb 08, 2001 at 01:11:24PM -0600, Steve Langasek wrote:
> So all in all, it's better to use pam_unix than pam_pwdb in most cases
> (assuming you have a recent version of Linux-PAM).
>From a vendor's perspective, pam_pwdb has one huge advantage which is
that it tries to detect where an account resides (passwd, shadow, nis).
AFAICT, with pam_unix you have to define this manually in the config file,
and there's no mixing of local and NIS accounts as with NIS compat
mode (the +::::: hack).
pam_unix2 (by Torsten Kukuk) is actually much better because it emulates
the NSS search logic to detect where an account comes from, and uses
the appropriate mechanism to change it (the down side of it is that
you have to patch it for every new NSS flavor, but that's a different
story).
Olaf
--
Olaf Kirch | --- o --- Nous sommes du soleil we love when we play
okir@monad.swb.de | / | \ sol.dhoop.naytheet.ah kin.ir.samse.qurax
okir@caldera.de +-------------------- Why Not?! -----------------------
UNIX, n.: Spanish manufacturer of fire extinguishers.
