LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 05-24-2020, 05:03 AM   #1
dalacor
Member
 
Registered: Feb 2019
Distribution: Slackware
Posts: 170

Rep: Reputation: Disabled
is PAM replacing Shadow


I was trialing out creating a minimal install of Slackware this weekend and unfortunate timing of Pam release in latest updates resulted in a situation where when I upgraded Slackware for the first time, I could not login again.

I have fixed all that by installing the necessary packages. So that is sorted.

But it got me wondering exactly what PAM will do in future as I don't need active directory authentication, kerberor or linking up with any other system which I believe is what PAM is about. I just use Slackware as an Internet Filtering Proxy server for the one build and as a firewall for the other build.

So all I have is Slackware installed without X windows (so no x, xap, tcl, y packages) and I mostly login via putty or connect via hypver-v on host machine for the Slackware installs that I have running in a VM. One of my future jobs is to setup putty to use certificates to login instead of typing in the password.

At the moment, PAM does not seem to affect anything, but I don't know whether my putty login, certificates and the way I create user accounts will need to change in future to use PAM - or will shadow just take advantage of PAM functionality and we just continue to use Shadow?
 
Old 05-24-2020, 05:18 AM   #2
Alien Bob
Slackware Contributor
 
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 8,559

Rep: Reputation: 8105Reputation: 8105Reputation: 8105Reputation: 8105Reputation: 8105Reputation: 8105Reputation: 8105Reputation: 8105Reputation: 8105Reputation: 8105Reputation: 8105
Shadow is still being used, no worries. Pam is just a connector through to the regular shadow authentication. Your account and your password are still managed in /etc/passwd /etc/group and /etc/shadow .
Actually the shadow package adds a lot of files to /etc/pam.d/ .
 
1 members found this post helpful.
Old 05-24-2020, 05:40 AM   #3
dalacor
Member
 
Registered: Feb 2019
Distribution: Slackware
Posts: 170

Original Poster
Rep: Reputation: Disabled
That's good to know. I had a feeling this was the case. As you say, PAM is more about adding modular functionality to the existing system. However, I wonder if it makes sense to require the latest version of Shadow to need the Pam dependencies - if you are not using PAM for anything! Like other people I was caught off guard missing the libtirpc library that I did not have installed.
 
Old 05-24-2020, 05:51 AM   #4
GazL
LQ Veteran
 
Registered: May 2008
Posts: 6,882

Rep: Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988
Quote:
Originally Posted by dalacor View Post
I wonder if it makes sense to require the latest version of Shadow to need the Pam dependencies
Unfortunately, that's not the way shadow is written. Instead of the PAM modules being in addition to the existing functionality, they replace it. Nothing we can do about that.
 
Old 05-24-2020, 06:43 AM   #5
dalacor
Member
 
Registered: Feb 2019
Distribution: Slackware
Posts: 170

Original Poster
Rep: Reputation: Disabled
I suppose it makes sense to make it integrated instead of an addon - it always works better if it is built into the package, rather than being a plugin as it were.
 
Old 05-24-2020, 11:21 PM   #6
elcore
Senior Member
 
Registered: Sep 2014
Distribution: Slackware
Posts: 1,751

Rep: Reputation: Disabled
Quote:
Originally Posted by dalacor View Post
I suppose it makes sense to make it integrated instead of an addon - it always works better if it is built into the package, rather than being a plugin as it were.
Yes of course, that is why nouveau is built-in to kernel and not built as a module. (IIRC it's always been a module for a good reason)
Seriously, how exactly does software with forced feature work better than software with optional feature?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
/etc/pam.d/system-auth-ac vs. /etc/pam.d/password-auth-ac vs. /etc/pam.d/sshd christr Red Hat 2 08-01-2014 07:08 PM
Result of replacing x from * in /etc/shadow vijaythanvi Red Hat 1 03-17-2011 11:19 AM
ubuntu karmic nis client 'ypcat shadow.byname' works, but 'getent shadow' fails casterln Linux - Networking 1 03-06-2010 01:47 AM
/etc/shadow- (notice the dash after the word shadow) shellcode Linux - Security 1 09-03-2004 04:54 AM
postfix + smtpauth + pam/shadow dazk Debian 0 07-30-2003 10:41 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 02:14 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration