[email protected] wrote: > Further footnote - this is why we recommend nss-pam-ldapd or nssov, which > fully isolates applications from the underlying nss/pam libraries. And why we > don't recommend SSSD. A shame they had to go off and reinvent the wheel > without actually fixing its underlying problems. Some people never learn.
Hmm. AFAICT sssd also isolates from the nss/pam libraries. The pam_sss and libnss_sss modules also communicate with sssd over a Unix domain socket just like the other demons and accompanying modules you prefer do. Ciao, Michael.
