|
|
| Line 1: |
Line 1: |
| {{Ebuild | | {{Person |
| |Summary=Base configuration files for different PAM implementations | | |Geoloc=40.4167754, -3.7037902 |
| |CatPkg=sys-auth/pambase | | |Location name=Madrid, Spain |
| | |Blogs= |
| }} | | }} |
| == Current design ==
| | Hi! I'm a Python & Java web developer from Spain! Also interested in Operating Systems, Artificial Intelligence and Software Craftmanship. |
| === Installed files ===
| |
| Currently the following files are installed by pambase:
| |
|
| |
|
| <pre>
| | Devices: |
| /etc/pam.d/login
| |
| /etc/pam.d/passwd
| |
| /etc/pam.d/su
| |
| /etc/pam.d/system-auth
| |
| /etc/pam.d/system-login
| |
| /etc/pam.d/system-local-login
| |
| /etc/pam.d/system-remote-login
| |
| /etc/pam.d/system-services
| |
| /etc/pam.d/other
| |
| </pre>
| |
|
| |
|
| The files starting with 'system' prefix are intended to be used by other PAM files. In particular:
| | Asha: |
| | Macbook Pro 6.1 - Core i7 M 620 - 4 GB RAM - 500 GB HDD |
| | EFI Boot with Grub2, only funtoo in a luks/lvm. |
|
| |
|
| # ''system-auth'' is used whenever user authentication is desired. It is included in PAM files for account manipulation tools (''passwd'', ''chsh'', ...), authenticated daemons (''imap'', ''pop3''), ''xscreensaver'' (for screen locking) and ''system-login''.
| | Freya: |
| # ''system-login'' is used whenever login is done. It is currently included only in ''system-local-login'' and ''system-remote-login''.
| | EeePc 1008HA - Atom N720 - 1 GB RAM |
| # ''system-local-login'' is used whenever local system login is performed. It is used by ''login'' and display managers.
| | /dev/sda1 boot |
| # ''system-remote-login'' is used whenever remote system login is performed. It is used by ''sshd''.
| | /dev/sda2 root |
| # ''system-services'' is used whenever system daemons are started. It is used by ''start-stop-daemon'' and systemd.
| | /dev/sda3 fat32 (EeePc Boot Booster) |
| | |
| === How files are generated ===
| |
| The pambase Makefile generates the above files using traditional C preprocessor on top of templates. The preprocessor is provided with defines matching USE flags of choice. The processed files are then installed to user systems.
| |
| | |
| === Problems with the current system ===
| |
| The problems with the current system are:
| |
| | |
| # centralised management of PAM backends,
| |
| # no easy way for user to modify the configuration files without having to repeatedly handle updates.
| |
| | |
| In particular, the ability to change authentication backends is very limited. If a new backend is to be supported out-of-the-box, one needs to update the pambase package and add more flags and conditionals to it. There is no sane way of controlling the module use order or adding out-of-tree PAM modules.
| |
| | |
| If user modifies module configuration, he needs to maintain the modifications while pambase upgrades try to restore configuration file to the original content.
| |
| | |
| {{EbuildFooter}}
| |
Location
Loading map...
{"minzoom":false,"maxzoom":false,"mappingservice":"leaflet","width":"100%","height":"350px","centre":false,"title":"","label":"","icon":"","lines":[],"polygons":[],"circles":[],"rectangles":[],"copycoords":false,"static":false,"zoom":5,"defzoom":14,"layers":["OpenStreetMap"],"image layers":[],"overlays":[],"resizable":false,"fullscreen":false,"scrollwheelzoom":true,"cluster":false,"clustermaxzoom":20,"clusterzoomonclick":true,"clustermaxradius":80,"clusterspiderfy":true,"geojson":"","clicktarget":"","imageLayers":[],"locations":[{"text":"","title":"","link":"","lat":40.4167754,"lon":-3.7037902,"icon":""}],"imageoverlays":null}
Hi! I'm a Python & Java web developer from Spain! Also interested in Operating Systems, Artificial Intelligence and Software Craftmanship.
Devices:
Asha:
Macbook Pro 6.1 - Core i7 M 620 - 4 GB RAM - 500 GB HDD
EFI Boot with Grub2, only funtoo in a luks/lvm.
Freya:
EeePc 1008HA - Atom N720 - 1 GB RAM
/dev/sda1 boot
/dev/sda2 root
/dev/sda3 fat32 (EeePc Boot Booster)