by nubinetwork 28 days ago
Both, really. PAM is a very annoying piece of software to deal with... if you configure it wrong, you'll either lock everyone out, or let everyone in regardless of what password they use. If you're using a central LDAP server, and accidentally compile out LDAP support, you'll probably lose access to that machine pretty quickly. Any time I upgrade pam/shadow, I have a root window open and ready to save my butt after something goes sideways.

Honestly, I hate PAM. It's one of the few pieces of software on Linux that desperately needs a replacement that isn't just a clone of the original. (nss also needs the boot)

If you want an idea of how bad things are, buy a copy of Michael W. Lucas' FreeBSD PAM Mastery...
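
As an added example that is not part of this thread, here is a small Python linter for a pam.d `auth` stack that flags the two failure modes described above: fall-open (a `sufficient pam_permit.so` reached before any credential check) and lockout (a `required` module, or the only credential-checking module, that is not installed, like the compiled-out LDAP case). It assumes the classic Linux-PAM control keywords; the `CRED_CHECKERS` set, the `INSTALLED` set and the three sample stacks are constructed so it runs offline.

```python
import re

# Line format assumed: "<type> <control> <module> [args]"; '#' starts a comment.
LINE_RE = re.compile(r"^(auth|account|password|session)\s+(\S+)\s+(\S+)")
# Modules that actually verify a credential (assumption: extend for your site).
CRED_CHECKERS = {"pam_unix.so", "pam_ldap.so", "pam_sss.so", "pam_krb5.so"}
INSTALLED = {"pam_unix.so", "pam_ldap.so", "pam_permit.so", "pam_deny.so"}  # constructed

def parse_auth_stack(config_text):
    """Return [(control, module)] for the 'auth' lines, comments stripped."""
    stack = []
    for raw in config_text.splitlines():
        m = LINE_RE.match(raw.split("#", 1)[0].strip())
        if m and m.group(1) == "auth":
            stack.append((m.group(2), m.group(3).rsplit("/", 1)[-1]))
    return stack

def lint_auth_stack(config_text, installed=INSTALLED):
    """Return a list of findings; an empty list means nothing obvious is wrong."""
    findings, credential_checked = [], False
    stack = parse_auth_stack(config_text)
    working_checkers = [m for _, m in stack if m in CRED_CHECKERS and m in installed]
    for n, (control, module) in enumerate(stack, 1):
        if control.startswith("["):
            findings.append(f"line {n}: bracketed control {control} not analysed")
            continue
        if module not in installed:
            # Linux-PAM substitutes a 'faulty' module that always fails: under
            # required/requisite, or when no other checker works, nobody logs in.
            sev = "LOCKOUT" if control in ("required", "requisite") or not working_checkers else "WARN"
            findings.append(f"line {n}: {sev}: {module} is not installed")
        if control == "sufficient" and module == "pam_permit.so" and not credential_checked:
            # 'sufficient' + success ends the stack with success right here.
            findings.append(f"line {n}: FALL-OPEN: pam_permit.so succeeds before any credential check")
        credential_checked |= module in CRED_CHECKERS
    if not any(mod == "pam_deny.so" for _, mod in stack):
        findings.append("no pam_deny.so terminator: stack does not fail closed by construction")
    return findings

# Constructed samples (not real configs from any distribution).
FALL_OPEN = "auth sufficient pam_permit.so\nauth required pam_unix.so\n"
LOCKOUT = "auth sufficient pam_ldap.so   # central directory\nauth required pam_deny.so\n"
SANE = "# local passwords, then deny\nauth sufficient pam_unix.so\nauth required pam_deny.so\n"

if __name__ == "__main__":
    for name, cfg, mods in (("fall-open", FALL_OPEN, INSTALLED),
                            ("lockout", LOCKOUT, INSTALLED - {"pam_ldap.so"}),
                            ("sane", SANE, INSTALLED)):
        print(name, lint_auth_stack(cfg, mods) or ["ok"])
```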

2 comments

> or let everyone in regardless of what password they use

Learned that lesson, oof. Taught me a few things about writing tests that I carry around with me though.

> Honestly, I hate Pam. It's one of the few pieces of software on Linux that desperately needs a replacement that isn't just a clone of the original.

There were some discussions in systemd[1] about a protocol that would in future possibly provide a replacement for it if you are interested. Discussions have stalled and I am unsure why, but the thoughts do exist.

[1]: https://github.com/systemd/systemd/pull/39855