On Mon, Apr 04, 2005 at 02:27:18PM -0600, Yves Dorfsman wrote: >> Not that I'm aware of, no. LDAP authentication was the reason why I >> first patched PAM support into my local copy... > >Just so that we are clear: I am not trying to authenticate cvs users with >ldap directly. Solaris is using ldap to authenticate, and I want cvs to >still trust UNIX (Solaris) as far as authentication goes. I haven't >checked the cvs source yet, but I am assuming cvs doesn't look for the >password in /etc/passwd, /etc/shadow etc... but rather use a library call >to the OS - I expect that the OS compare the password with whichever >source it gets it from (files, NIS, ldap etc...).
That depends; on some OSes getpwent() and friends don't work with nsswitch but always use local files anyway. :-( >When you say you went to 1.12 for PAM support, was that because you needed >a more granular control over who can use CVS, or you were in the same >situation I am right now (the OS using ldap for auth) ? I moved the systems here over to LDAP, then found that the pserver didn't authenticate. Adding PAM support seemed to be the quickest way to fix that, and also added more flexibility. Even if we've never used that flexibility... :-) -- Steve McIntyre, Cambridge, UK. [EMAIL PROTECTED] "I suspect most samba developers are already technically insane... Of course, since many of them are Australians, you can't tell." -- Linus Torvalds
signature.asc
Description: Digital signature
_______________________________________________ Info-cvs mailing list [email protected] http://lists.gnu.org/mailman/listinfo/info-cvs
