Hi, in our university NIS+ is used for long. As there is no NIS+ implementation in the Debian distribution I decided last year to implement the pam_unix2 (http://www.suse.com/~kukuk) mechanism of Thorsten Kukuk in the Debian Pam-0.72 pam_unix module. This patch worked realy fine in cooperation with Solaris and was testet on over 50 Linux Computers. This patch was part of the collection of unofficial Debain-NIS+ packages maintained by Michael Feger and was public available for quite a while on http://www.realbodo.de/debian/ . Although this worked fine in practice I kindly invite you to have an eye on it. I've made a new updated patch on the cvs tree from 6.4.01 but it should also works well in the new Linux-PAM-0.75 version. If everything is ok Andrew Morgan plans to integrate it in the main cvs tree. Ok now the second part: In a large computer environment its also usefull to give the local systemadministator root access on his machine. There was an alternative su package available which allowed an user to gain root access on the local machine with his own user password. So it would be nice if this feature is implemented in PAM. In the pam_wheel mechanism only the flags trust and deny are available. So I inserted a this feature in this module With the flag ownpass a user in the wheel group can switch to root if his own userpasswordis correct. So there is no need to tell people the root password and the root switches can be logged. This two patches are attached in this mail and can also be downloaded on http://linux.uni-regensburg.de/nisplus Have fun Stefan -------- University of Regensburg http://linux.uni-regensburg.de
Attachment:
pam_unix.01.04.06.diff.gz
Description: GNU Zip compressed data
Attachment:
pam_wheel.01.04.06.diff.gz
Description: GNU Zip compressed data
