Hi, I have found a module pam_access in Linux-PAM which implements the same functionallity like the `original' version of pam_login_access from other platforms like Free BSD or OpenBSD. Additionally we use a pam_login_access module for Linux on the following sites: TU Chemnitz (Technical University Chemnitz, Germany) and LRZ (Leibniz Computing Centre, Munich. Germany). But there is a problem: /etc/security/access.conf is used by pam_access as the default config file and /etc/login.access is used by pam_login_access. So you can't transparently substituted one module through the other. Additionally the `new' pam_login_access module developed by Thomas Mueller (a college from TUC) and me provides enhancements for example like: * convert hostname to ip address support * IPv4(/) IPv6 support * network(address) / netmask support which are not part of the pam_access and the `original' pam_login_access module (If you want know more about that please have a look at http://www-user.tu-chemnitz.de/~mibe/sw/OpenPBS/home.php3 ). Now I work on an integration of this module code into Linux-PAM and don't know what is the better solution. Is it better to provide an additional module pam_login_access with its own code tree, or to enhance existing pam_access code with the new features and build two different modules at compile time where one will then be pam_access and the second will be pam_login_access. What's the consensus? Best regard, mike ----------------------------------------------------------------------------- Mike Becher Mike.Becher@xxxxxxxxxxxxxxx Leibniz-Rechenzentrum der http://www.lrz.de Bayerischen Akademie der Wissenschaften phone: +49-89-289-28721 Gruppe Hochleistungssysteme fax: +49-89-280-9460 Barer Strasse 21 D-80333 Muenchen Germany ----------------------------------------------------------------------------- _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
