Difference between pages "Package:PAM base" and "User:Ivanvcouso"

(Difference between pages)
(describe how files are generated and the issues with tht)
 
 
Line 1: Line 1:
{{Ebuild
+
{{Person
|Summary=Base configuration files for different PAM implementations
+
|Geoloc=40.4167754, -3.7037902
|CatPkg=sys-auth/pambase
+
|Location name=Madrid, Spain
 +
|Blogs=
 
}}
 
}}
== Current design ==
+
Hi! I'm a Python & Java web developer from Spain! Also interested in Operating Systems, Artificial Intelligence and Software Craftmanship.
=== Installed files ===
+
Currently the following files are installed by pambase:
+
  
<pre>
+
Devices:
/etc/pam.d/login
+
/etc/pam.d/passwd
+
/etc/pam.d/su
+
/etc/pam.d/system-auth
+
/etc/pam.d/system-login
+
/etc/pam.d/system-local-login
+
/etc/pam.d/system-remote-login
+
/etc/pam.d/system-services
+
/etc/pam.d/other
+
</pre>
+
  
The files starting with 'system' prefix are intended to be used by other PAM files. In particular:
+
Asha:
 +
Macbook Pro 6.1 - Core i7 M 620 - 4 GB RAM - 500 GB HDD
 +
EFI Boot with Grub2, only funtoo in a luks/lvm.
  
# ''system-auth'' is used whenever user authentication is desired. It is included in PAM files for account manipulation tools (''passwd'', ''chsh'', ...), authenticated daemons (''imap'', ''pop3''), ''xscreensaver'' (for screen locking) and ''system-login''.
+
Freya:
# ''system-login'' is used whenever login is done. It is currently included only in ''system-local-login'' and ''system-remote-login''.
+
EeePc 1008HA - Atom N720 - 1 GB RAM
# ''system-local-login'' is used whenever local system login is performed. It is used by ''login'' and display managers.
+
/dev/sda1 boot
# ''system-remote-login'' is used whenever remote system login is performed. It is used by ''sshd''.
+
/dev/sda2 root
# ''system-services'' is used whenever system daemons are started. It is used by ''start-stop-daemon'' and systemd.
+
/dev/sda3 fat32 (EeePc Boot Booster)
 
+
=== How files are generated ===
+
The pambase Makefile generates the above files using traditional C preprocessor on top of templates. The preprocessor is provided with defines matching USE flags of choice. The processed files are then installed to user systems.
+
 
+
=== Problems with the current system ===
+
The problems with the current system are:
+
 
+
# centralised management of PAM backends,
+
# no easy way for user to modify the configuration files without having to repeatedly handle updates.
+
 
+
In particular, the ability to change authentication backends is very limited. If a new backend is to be supported out-of-the-box, one needs to update the pambase package and add more flags and conditionals to it. There is no sane way of controlling the module use order or adding out-of-tree PAM modules.
+
 
+
If user modifies module configuration, he needs to maintain the modifications while pambase upgrades try to restore configuration file to the original content.
+
 
+
{{EbuildFooter}}
+

Revision as of 23:23, March 26, 2015

Iván Valderrábano Couso

Contact

Location

Loading map...
Madrid, Spain (40° 24' 59", -3° 42' 13")



Hi! I'm a Python & Java web developer from Spain! Also interested in Operating Systems, Artificial Intelligence and Software Craftmanship.

Devices:

Asha: Macbook Pro 6.1 - Core i7 M 620 - 4 GB RAM - 500 GB HDD EFI Boot with Grub2, only funtoo in a luks/lvm.

Freya: EeePc 1008HA - Atom N720 - 1 GB RAM /dev/sda1 boot /dev/sda2 root /dev/sda3 fat32 (EeePc Boot Booster)