Re: LinuxPAM -> the road ahead

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Rok Papeľ wrote:
> 
> Hi!
> 
> What seems to be the plan for LinuxPAM to go in the future ?

Mmm.

well, personally, I'm in the mode of slowly trying to fix bugs folk file
bug reports for.

In my sandbox is:

  1. a pam.so object that can be dlopen()'d for convenient use with
things like Java. [untested]
  2. a module util library that will make stuff like getpwnam() easier
to do in a threadsafe manner where threadsafeness is supported.
[untested.]

Longer term, I'm hoping to finally add binary prompt support to the
SimplePAMApps so folk can see some examples of why they are such a good
idea - and we can also get the kinks out of this sort of thing. Another
issue that keeps coming up, and will probably require a small change to
binary prompt support as it stands is the idea of supporting event
driven authentication, where a module can request it be given CPU time
at some arbitrary point in the future. What I'm thinking of here is the
idea that a module can handle credential leases in a manner that is
abstracted for the application. We've had some discussion about this on
this list in the past, but it will require work and time to design and
implement...

A problem I am suffering from is a very practical and personal one: I've
evolved into someone who is very nervous about releasing early and often
because the size of the community of folk who use PAM is so large that
dealing with the fallout of a bug is no longer as trivial as it used to
be. And, as we all know, it takes at least twice as long to get bugs out
as it does to write them and I seem to have less time these days in
general.

So, I've been very slow at making releases (the changelog for example,
for 0.76 just keeps getting longer:

http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/pam/Linux-PAM/CHANGELOG?rev=1.92&content-type=text/vnd.viewcvs-markup

). I had hoped that putting stuff up on sourceforge might stimulate some
more parallel activity but, where it has, it would appear that I am
still serializing changes by not dealing with the bug/feature requests
in a timely manner.

Not sure what to do about it. Perhaps I'll stop worrying about it and
get back to releasing incrementally every few weeks or so... I worry,
but perhaps other folk would prefer releases more often - even if I'm
less sure about the general quality?

Cheers

Andrew
[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux