[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: PAM service mess [!!!]
From: Oswald Buddenhagen <ob6 () inf ! tu-dresden ! de>
Date: 2001-06-27 14:03:49
[Download RAW message or body]
hi,
the current assignment of pam services is a real mess.
kdm currently uses the value supplied in --with-pam or "kde".
kckeckpass uses the --with-pam value as well or "login" on freebsd
and "xdm" otherwise.
kscreensaver tries to convince kcheckpass to use "kscreensaver".
i think, that's crap. it's completely useless to use different
services. kcheckpass uses only the authentication (and credential
setting, but i truly don't know what this is supposed to be good
for) function of the auth part of the specified service - and that
one should be the same as the one used by kdm. it wouldn't be even
absurd to use "login" in general - kdm is supposed to do the same as
the login program after all. the screensaver just re-authenticates
the same user and should do this also the same way kdm does.
so i suggest the following:
- remove any #ifdef KDE_PAM_SERVICE voodoo from kdm, kcheckpass (and
indirectly kscreensaver) - it just _has_ to be there and therefore
will be the same everywhere.
- the service to use would be determined by configure that way:
--with-pam=<service>, otherwise just "kde" (yes, it's stupid, but
"kdm" implies too much if the service is to be shared).
if /etc/pam.d/<service> is not found, configure should complain
loudly pointing to (the updated :) README.pam.
alternatively we could provide --with-pam-kdm, --with-pam-kcheckpass
and everything else that will come one day. :)
comments?
greetings
--
Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
--
Nothing is fool-proof to a sufficiently talented fool.
>> Visit http://master.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic